File _patchinfo of Package patchinfo.35534
<patchinfo incident="35534">
<issue id="1193629" tracker="bnc">[TRACKERBUG] SLE15-SP4 backports for cifs.ko</issue>
<issue id="1194111" tracker="bnc">VUL-0: CVE-2021-4204: kernel-source: eBPF Improper Input Validation Privilege Escalation Vulnerability</issue>
<issue id="1194765" tracker="bnc">VUL-0: CVE-2022-23222: kernel-source: eBPF Improper Input Validation Vulnerability</issue>
<issue id="1194869" tracker="bnc">[TRACKERBUG] 5.14 powerpc base kernel fixes</issue>
<issue id="1196261" tracker="bnc">VUL-0: CVE-2022-0500: kernel-source-azure,kernel-source,kernel-source-rt: kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges</issue>
<issue id="1196516" tracker="bnc">SLES15 SP4 - ibmvnic: fix a race in ibmvnic_probe()</issue>
<issue id="1196894" tracker="bnc">The OS cannot boot (kernel panic) when enabling VMD and IOMMU scalable mode</issue>
<issue id="1198017" tracker="bnc">[PATCH] blktrace: fix use after free for struct blk_trace</issue>
<issue id="1203360" tracker="bnc">[PATCH] btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()</issue>
<issue id="1206006" tracker="bnc">[Azure] scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM</issue>
<issue id="1206258" tracker="bnc">VUL-0: CVE-2022-4382: kernel: use-after-free write in put_dev</issue>
<issue id="1207158" tracker="bnc">[FVTCR]SLES15 SP4 [5.14.21-150400.24.18-default] while running btrfs xfstest with 4k/64k gets stuck with open_ctree failed error and makes lpar unresponsive [P10] [rainier]</issue>
<issue id="1216834" tracker="bnc">L3: System crashing intermittent with OCFS2</issue>
<issue id="1221326" tracker="bnc">VUL-0: CVE-2023-52489: kernel: mm/sparsemem: fix race in accessing memory_section->usage</issue>
<issue id="1221645" tracker="bnc">SLES15 SP6 - [P10] - LPAR crashes and hangs on running ksefltest powerpc/mce/inject-ra-err with parameter "percpu_alloc=page" enabled</issue>
<issue id="1223191" tracker="bnc">powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt</issue>
<issue id="1224105" tracker="bnc">[SLES15 SP4] [native nvme multipath] Delays observed in device wwn symmlink initialization in scaled environment</issue>
<issue id="1227832" tracker="bnc">VUL-0: CVE-2024-40910: kernel: ax25: Fix refcount imbalance on inbound connections</issue>
<issue id="1228020" tracker="bnc">VUL-0: CVE-2024-41009: kernel: bpf: Fix overrunning reservations in ringbuf</issue>
<issue id="1228114" tracker="bnc">VUL-0: CVE-2024-41011: kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages</issue>
<issue id="1228466" tracker="bnc">VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error</issue>
<issue id="1228489" tracker="bnc">VUL-0: CVE-2024-42230: kernel: powerpc/pseries: Fix scv instruction crash with kexec</issue>
<issue id="1228516" tracker="bnc">VUL-0: CVE-2024-42077: kernel: ocfs2: fix DIO failure due to insufficient transaction credits</issue>
<issue id="1228576" tracker="bnc">VUL-0: CVE-2024-41062: kernel: bluetooth/l2cap: sync sock recv cb and release</issue>
<issue id="1228718" tracker="bnc">VUL-0: CVE-2024-42126: kernel: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.</issue>
<issue id="1228801" tracker="bnc">cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1228959" tracker="bnc">VUL-0: CVE-2024-42232: kernel: libceph: fix race between delayed_work() and ceph_monc_stop()</issue>
<issue id="1229042" tracker="bnc">Enable kernel-default-livepatch-devel for TW since it's already enabled on Leap</issue>
<issue id="1229292" tracker="bnc">VUL-0: CVE-2024-43853: kernel: cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1229400" tracker="bnc">VUL-0: CVE-2024-42271: kernel: net/iucv: fix use after free in iucv_sock_close()</issue>
<issue id="1229454" tracker="bnc">fuse: Initialize beyond-EOF page contents before setting uptodate</issue>
<issue id="1229500" tracker="bnc">VUL-0: CVE-2024-43861: kernel: net: usb: qmi_wwan: fix memory leak for not ip packets</issue>
<issue id="1229503" tracker="bnc">VUL-0: CVE-2024-43882: kernel: exec: Fix ToCToU between perm check and set-uid/gid usage</issue>
<issue id="1229506" tracker="bnc">VUL-0: CVE-2022-48868: kernel: dmaengine: idxd: Let probe fail when workqueue cannot be enabled</issue>
<issue id="1229507" tracker="bnc">VUL-0: CVE-2022-48869: kernel: USB: gadgetfs: Fix race between mounting and unmounting</issue>
<issue id="1229508" tracker="bnc">VUL-0: CVE-2022-48870: kernel: tty: fix possible null-ptr-defer in spk_ttyio_release</issue>
<issue id="1229509" tracker="bnc">VUL-0: CVE-2022-48871: kernel: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer</issue>
<issue id="1229510" tracker="bnc">VUL-0: CVE-2022-48872: kernel: misc: fastrpc: Fix use-after-free race condition for maps</issue>
<issue id="1229512" tracker="bnc">VUL-0: CVE-2022-48873: kernel: misc: fastrpc: Don't remove map on creater_process and device_release</issue>
<issue id="1229516" tracker="bnc">VUL-0: CVE-2022-48875: kernel: wifi: mac80211: sdata can be NULL during AMPDU start</issue>
<issue id="1229522" tracker="bnc">VUL-0: CVE-2023-52911: kernel: drm/msm: another fix for the headless Adreno GPU</issue>
<issue id="1229526" tracker="bnc">VUL-0: CVE-2023-52907: kernel: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()</issue>
<issue id="1229528" tracker="bnc">VUL-0: CVE-2023-52905: kernel: octeontx2-pf: Fix resource leakage in VF driver unbind</issue>
<issue id="1229531" tracker="bnc">VUL-0: CVE-2023-52901: kernel: usb: xhci: Check endpoint is valid before dereferencing it</issue>
<issue id="1229533" tracker="bnc">VUL-0: CVE-2023-52896: kernel: btrfs: fix race between quota rescan and disable leading to NULL pointer deref</issue>
<issue id="1229535" tracker="bnc">VUL-0: CVE-2023-52893: kernel: gsmi: fix null-deref in gsmi_get_variable</issue>
<issue id="1229536" tracker="bnc">VUL-0: CVE-2022-48899: kernel: drm/virtio: Fix GEM handle creation UAF</issue>
<issue id="1229537" tracker="bnc">VUL-0: CVE-2022-48898: kernel: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer</issue>
<issue id="1229540" tracker="bnc">VUL-0: CVE-2022-48896: kernel: ixgbe: fix pci device refcount leak</issue>
<issue id="1229544" tracker="bnc">VUL-0: CVE-2022-48890: kernel: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM</issue>
<issue id="1229554" tracker="bnc">VUL-0: CVE-2022-48878: kernel: Bluetooth: hci_qca: fix driver shutdown on closed serdev</issue>
<issue id="1229557" tracker="bnc">VUL-0: CVE-2022-48880: kernel: platform/surface: aggregator: add missing call to ssam_request_sync_free()</issue>
<issue id="1229565" tracker="bnc">VUL-0: CVE-2022-48891: kernel: regulator: da9211: Use irq handler when ready</issue>
<issue id="1229566" tracker="bnc">VUL-0: CVE-2023-52894: kernel: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()</issue>
<issue id="1229568" tracker="bnc">VUL-0: CVE-2023-52898: kernel: xhci: fix null pointer dereference when host dies</issue>
<issue id="1229581" tracker="bnc">VUL-0: CVE-2023-52900: kernel: nilfs2: fix general protection fault in nilfs_btree_insert()</issue>
<issue id="1229598" tracker="bnc">VUL-0: CVE-2021-4441: kernel: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()</issue>
<issue id="1229603" tracker="bnc">VUL-0: CVE-2022-48904: kernel: iommu/amd: Fix I/O page table memory leak</issue>
<issue id="1229604" tracker="bnc">VUL-0: CVE-2022-48905: kernel: ibmvnic: free reset-work-item when flushing</issue>
<issue id="1229608" tracker="bnc">VUL-0: CVE-2022-48907: kernel: auxdisplay: lcd2s: Fix memory leak in ->remove()</issue>
<issue id="1229611" tracker="bnc">VUL-0: CVE-2022-48909: kernel: net/smc: fix connection leak</issue>
<issue id="1229612" tracker="bnc">VUL-0: CVE-2022-48942: kernel: hwmon: Handle failure to register sensor with thermal zone correctly</issue>
<issue id="1229613" tracker="bnc">VUL-0: CVE-2022-48903: kernel: btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()</issue>
<issue id="1229614" tracker="bnc">VUL-0: CVE-2022-48941: kernel: ice: fix concurrent reset and removal of VFs</issue>
<issue id="1229617" tracker="bnc">VUL-0: CVE-2022-48937: kernel: io_uring: add a schedule point in io_add_buffers()</issue>
<issue id="1229619" tracker="bnc">VUL-0: CVE-2022-48935: kernel: netfilter: nf_tables: unregister flowtable hooks on netns exit</issue>
<issue id="1229620" tracker="bnc">VUL-0: CVE-2022-48934: kernel: nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()</issue>
<issue id="1229622" tracker="bnc">VUL-0: CVE-2022-48932: kernel: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte</issue>
<issue id="1229623" tracker="bnc">VUL-0: CVE-2022-48931: kernel: configfs: fix a race in configfs_{,un}register_subsystem()</issue>
<issue id="1229624" tracker="bnc">VUL-0: CVE-2022-48930: kernel: RDMA/ib_srp: Fix a deadlock</issue>
<issue id="1229625" tracker="bnc">VUL-0: CVE-2022-48929: kernel: bpf: Fix crash due to out of bounds access into reg2btf_ids.</issue>
<issue id="1229626" tracker="bnc">VUL-0: CVE-2022-48928: kernel: iio: adc: men_z188_adc: Fix a resource leak in an error handling path</issue>
<issue id="1229628" tracker="bnc">VUL-0: CVE-2022-48927: kernel: iio: adc: tsc2046: fix memory corruption by preventing array overflow</issue>
<issue id="1229629" tracker="bnc">VUL-0: CVE-2022-48926: kernel: usb: gadget: rndis: add spinlock for rndis response list</issue>
<issue id="1229630" tracker="bnc">VUL-0: CVE-2022-48925: kernel: RDMA/cma: Do not change route.addr.src_addr outside state checks</issue>
<issue id="1229631" tracker="bnc">VUL-0: CVE-2022-48924: kernel: thermal: int340x: fix memory leak in int3400_notify()</issue>
<issue id="1229635" tracker="bnc">VUL-0: CVE-2022-48921: kernel: sched/fair: Fix fault in reweight_entity</issue>
<issue id="1229636" tracker="bnc">VUL-0: CVE-2022-48918: kernel: iwlwifi: mvm: check debugfs_dir ptr before use</issue>
<issue id="1229637" tracker="bnc">VUL-0: CVE-2022-48917: kernel: ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min</issue>
<issue id="1229638" tracker="bnc">VUL-0: CVE-2022-48916: kernel: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode</issue>
<issue id="1229639" tracker="bnc">VUL-0: CVE-2022-48915: kernel: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference</issue>
<issue id="1229641" tracker="bnc">VUL-0: CVE-2022-48912: kernel: netfilter: fix use-after-free in __nf_register_net_hook()</issue>
<issue id="1229642" tracker="bnc">VUL-0: CVE-2022-48914: kernel: xen/netfront: destroy queues before real_num_tx_queues is zeroed</issue>
<issue id="1229643" tracker="bnc">VUL-0: CVE-2022-48913: kernel: blktrace: fix use after free for struct blk_trace</issue>
<issue id="1229645" tracker="bnc">VUL-0: CVE-2022-48943: kernel: KVM: x86/mmu: make apf token non-zero to fix bug</issue>
<issue id="1229657" tracker="bnc">VUL-0: CVE-2022-48919: kernel: cifs: fix double free race when mount fails in cifs_get_root()</issue>
<issue id="1229664" tracker="bnc">VUL-0: CVE-2022-48938: kernel: CDC-NCM: avoid overflow in sanity checking</issue>
<issue id="1229707" tracker="bnc">VUL-0: CVE-2024-43883: kernel: usb: vhci-hcd: do not drop references before new references are gained</issue>
<issue id="1229792" tracker="bnc">VUL-0: CVE-2024-44938: kernel: jfs: fix shift-out-of-bounds in dbDiscardAG</issue>
<issue id="1230245" tracker="bnc">VUL-0: CVE-2024-45003: kernel: vfs: Don't evict inode under the inode lru traversing context</issue>
<issue id="1230413" tracker="bnc">[Build :35534:dtb-armv7l] ndctl create-namespace fails with new kernel</issue>
<issue id="2024-45003" tracker="cve" />
<issue id="2022-48917" tracker="cve" />
<issue id="2022-48878" tracker="cve" />
<issue id="2022-48938" tracker="cve" />
<issue id="2022-48943" tracker="cve" />
<issue id="2022-48925" tracker="cve" />
<issue id="2022-48930" tracker="cve" />
<issue id="2022-4382" tracker="cve" />
<issue id="2022-48869" tracker="cve" />
<issue id="2022-48907" tracker="cve" />
<issue id="2022-48913" tracker="cve" />
<issue id="2022-48929" tracker="cve" />
<issue id="2023-52896" tracker="cve" />
<issue id="2022-48903" tracker="cve" />
<issue id="2024-43853" tracker="cve" />
<issue id="2022-48919" tracker="cve" />
<issue id="2022-48931" tracker="cve" />
<issue id="2022-48868" tracker="cve" />
<issue id="2023-52911" tracker="cve" />
<issue id="2022-48898" tracker="cve" />
<issue id="2022-48899" tracker="cve" />
<issue id="2023-52893" tracker="cve" />
<issue id="2022-48942" tracker="cve" />
<issue id="2022-48905" tracker="cve" />
<issue id="2022-48941" tracker="cve" />
<issue id="2022-48928" tracker="cve" />
<issue id="2022-48927" tracker="cve" />
<issue id="2022-48937" tracker="cve" />
<issue id="2022-48904" tracker="cve" />
<issue id="2022-48916" tracker="cve" />
<issue id="2022-48918" tracker="cve" />
<issue id="2022-48896" tracker="cve" />
<issue id="2022-48873" tracker="cve" />
<issue id="2022-48872" tracker="cve" />
<issue id="2022-48932" tracker="cve" />
<issue id="2022-48909" tracker="cve" />
<issue id="2023-52907" tracker="cve" />
<issue id="2022-48934" tracker="cve" />
<issue id="2023-52900" tracker="cve" />
<issue id="2023-52905" tracker="cve" />
<issue id="2022-48880" tracker="cve" />
<issue id="2022-48891" tracker="cve" />
<issue id="2022-48921" tracker="cve" />
<issue id="2022-48890" tracker="cve" />
<issue id="2021-4441" tracker="cve" />
<issue id="2022-48915" tracker="cve" />
<issue id="2022-48924" tracker="cve" />
<issue id="2022-48870" tracker="cve" />
<issue id="2022-48871" tracker="cve" />
<issue id="2023-52894" tracker="cve" />
<issue id="2022-48926" tracker="cve" />
<issue id="2023-52901" tracker="cve" />
<issue id="2022-48875" tracker="cve" />
<issue id="2022-48914" tracker="cve" />
<issue id="2023-52898" tracker="cve" />
<issue id="2024-41011" tracker="cve" />
<issue id="2024-42230" tracker="cve" />
<issue id="2024-42126" tracker="cve" />
<issue id="2024-42077" tracker="cve" />
<issue id="2024-41062" tracker="cve" />
<issue id="2024-44947" tracker="cve" />
<issue id="2024-43883" tracker="cve" />
<issue id="2024-43861" tracker="cve" />
<issue id="2023-52489" tracker="cve" />
<issue id="2024-44938" tracker="cve" />
<issue id="2024-41087" tracker="cve" />
<issue id="2024-43882" tracker="cve" />
<issue id="2022-48935" tracker="cve" />
<issue id="2022-48912" tracker="cve" />
<issue id="2024-42271" tracker="cve" />
<issue id="2024-42232" tracker="cve" />
<issue id="2024-40910" tracker="cve" />
<issue id="2024-41009" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>rhopkins</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
- CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
- CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
- CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
- CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
The following non-security bugs were fixed:
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413).
- Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413).
- Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
