Overview

File _patchinfo of Package patchinfo.37051

<patchinfo incident="37051">
  <issue id="1170891" tracker="bnc">[openQA][blktests][loop/001] test fails for PowerVM and x86_64</issue>
  <issue id="1173139" tracker="bnc">SLES 15 SP2 GMC - IOCTL BLKRRPART broken - patch missing</issue>
  <issue id="1185010" tracker="bnc">NXP i.MX8MM missing kernel modules in initrd</issue>
  <issue id="1190358" tracker="bnc">kernel-azure fails to build in update project</issue>
  <issue id="1190428" tracker="bnc">kernel -extra subpackage contains no modules</issue>
  <issue id="1209798" tracker="bnc">kernel-default build failed due to missing(?) build-id</issue>
  <issue id="1215304" tracker="bnc">VUL-0: kernel: buffer overflow in s5p_cec_irq_handler</issue>
  <issue id="1222878" tracker="bnc">VUL-0: CVE-2021-47202: kernel: thermal: NULL pointer dereferences in of_thermal_ functions</issue>
  <issue id="1228466" tracker="bnc">VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error</issue>
  <issue id="1230697" tracker="bnc">VUL-0: CVE-2024-8805: kernel: BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability</issue>
  <issue id="1232436" tracker="bnc">VUL-0: CVE-2024-53142: kernel: malformed cpio entry may leak early-boot memory contents</issue>
  <issue id="1233070" tracker="bnc">VUL-0: CVE-2024-50154: kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().</issue>
  <issue id="1233642" tracker="bnc">VUL-0: CVE-2024-53095: kernel: smb: client: Fix use-after-free of network namespace.</issue>
  <issue id="1234281" tracker="bnc">VUL-0: CVE-2024-53240: xen: XSA-465: Backend can crash Linux netfront</issue>
  <issue id="1234282" tracker="bnc">VUL-0: CVE-2024-53241: xen: XSA-466: Xen hypercall page unsafe against speculative attacks</issue>
  <issue id="1234846" tracker="bnc">VUL-0: CVE-2024-53156: kernel: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()</issue>
  <issue id="1234853" tracker="bnc">VUL-0: CVE-2024-53146: kernel: NFSD: prevent a potential integer overflow</issue>
  <issue id="1234891" tracker="bnc">VUL-0: CVE-2024-53173: kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()</issue>
  <issue id="1234921" tracker="bnc">VUL-0: CVE-2024-53179: kernel: smb: client: fix use-after-free of signing key</issue>
  <issue id="1234960" tracker="bnc">VUL-0: CVE-2024-53206: kernel: tcp: fix use-after-free of nreq in reqsk_timer_handler().</issue>
  <issue id="1234963" tracker="bnc">VUL-0: CVE-2024-56539: kernel: wifi: mwifiex: fix memcpy() field-spanning write warning in mwifiex_config_scan()</issue>
  <issue id="1235004" tracker="bnc">VUL-0: CVE-2024-53214: kernel: vfio/pci: properly hide first-in-list PCIe extended capability</issue>
  <issue id="1235035" tracker="bnc">VUL-0: CVE-2024-56570: kernel: ovl: filter invalid inodes with missing lookup function</issue>
  <issue id="1235054" tracker="bnc">VUL-0: CVE-2024-53239: kernel: ALSA: 6fire: release resources at card release</issue>
  <issue id="1235056" tracker="bnc">VUL-0: CVE-2024-56604: kernel: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()</issue>
  <issue id="1235061" tracker="bnc">VUL-0: CVE-2024-56605: kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()</issue>
  <issue id="1235073" tracker="bnc">VUL-0: CVE-2024-56548: kernel: hfsplus: don't query the device logical block size multiple times</issue>
  <issue id="1235220" tracker="bnc">VUL-0: CVE-2024-56598: kernel: jfs: array-index-out-of-bounds fix in dtReadFirst</issue>
  <issue id="1235224" tracker="bnc">VUL-0: CVE-2024-56619: kernel: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()</issue>
  <issue id="1235246" tracker="bnc">mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024</issue>
  <issue id="1235507" tracker="bnc">IDPF TX timeout bug fixed upstream</issue>
  <issue id="2021-47202" tracker="cve" />
  <issue id="2022-49035" tracker="cve" />
  <issue id="2024-41087" tracker="cve" />
  <issue id="2024-50154" tracker="cve" />
  <issue id="2024-53095" tracker="cve" />
  <issue id="2024-53142" tracker="cve" />
  <issue id="2024-53146" tracker="cve" />
  <issue id="2024-53156" tracker="cve" />
  <issue id="2024-53173" tracker="cve" />
  <issue id="2024-53179" tracker="cve" />
  <issue id="2024-53206" tracker="cve" />
  <issue id="2024-53214" tracker="cve" />
  <issue id="2024-53239" tracker="cve" />
  <issue id="2024-53240" tracker="cve" />
  <issue id="2024-53241" tracker="cve" />
  <issue id="2024-56539" tracker="cve" />
  <issue id="2024-56548" tracker="cve" />
  <issue id="2024-56570" tracker="cve" />
  <issue id="2024-56598" tracker="cve" />
  <issue id="2024-56604" tracker="cve" />
  <issue id="2024-56605" tracker="cve" />
  <issue id="2024-56619" tracker="cve" />
  <issue id="2024-8805" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2024-41087: Fix double free on error (bsc#1228466).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
- CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697).

The following non-security bugs were fixed:

- Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139)
- KVM: x86: fix sending PV IPI (git-fixes).
- fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358)
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge.
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642].
- supported.conf: add bsc1185010 dependency
- supported.conf: hyperv_drm (jsc#sle-19733)
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes).
- x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).
- x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
- x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
- x86/fpu: Remove unused supervisor only offsets (git-fixes).
- x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mce: Allow instrumentation during task work queueing (git-fixes).
- x86/mce: Mark mce_end() noinstr (git-fixes).
- x86/mce: Mark mce_panic() noinstr (git-fixes).
- x86/mce: Mark mce_read_aux() noinstr (git-fixes).
- x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
- x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
- x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
- x86/uaccess: Move variable into switch case statement (git-fixes).
- x86: Annotate call_on_stack() (git-fixes).
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places