File _patchinfo of Package patchinfo.42275

<patchinfo incident="42275">
  <issue tracker="bnc" id="1248400">VUL-0: CVE-2025-38572: kernel live patch: ipv6: reject malicious packets in ipv6_gso_segment()</issue>
  <issue tracker="bnc" id="1248615">VUL-0: CVE-2024-58239: kernel live patch: tls: stop recv() if initial process_rx_list gave us non-DATA</issue>
  <issue tracker="bnc" id="1248670">VUL-0: CVE-2025-38608: kernel live patch: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls</issue>
  <issue tracker="bnc" id="1249242">VUL-0: CVE-2022-50233: kernel live patch: bluetooth: device name can cause reading kernel memory by not supplying terminal \0</issue>
  <issue tracker="bnc" id="1250665">VUL-0: CVE-2022-50409: kernel live patch: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory</issue>
  <issue tracker="bnc" id="1251165">VUL-0: CVE-2022-50490: kernel live patch: bpf: Propagate error from htab_lock_bucket() to userspace</issue>
  <issue tracker="bnc" id="1251203">VUL-0: CVE-2025-38476: kernel live patch: rpl: Fix use-after-free in rpl_do_srh_inline().</issue>
  <issue tracker="bnc" id="1251787">VUL-0: CVE-2023-53676: kernel live patch: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()</issue>
  <issue tracker="bnc" id="1253437">VUL-0: CVE-2025-40204: kernel live patch: sctp: Fix MAC comparison to be constant-time</issue>
  <issue tracker="bnc" id="1254451">VUL-0: CVE-2022-50327: kernel live patch: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value</issue>
  <issue tracker="cve" id="2022-50233"/>
  <issue tracker="cve" id="2022-50327"/>
  <issue tracker="cve" id="2022-50409"/>
  <issue tracker="cve" id="2022-50490"/>
  <issue tracker="cve" id="2023-53676"/>
  <issue tracker="cve" id="2024-58239"/>
  <issue tracker="cve" id="2025-38476"/>
  <issue tracker="cve" id="2025-38572"/>
  <issue tracker="cve" id="2025-38608"/>
  <issue tracker="cve" id="2025-40204"/>
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <summary>Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)</summary>
  <description>
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues

The following security issues were fixed:

- CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 (bsc#1249242).
- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1254451).
- CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory (bsc#1250665).
- CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251165).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1248615).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
</description>
</patchinfo>