File _patchinfo of Package patchinfo.39633
<patchinfo incident="39633">
<issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue>
<issue id="1156395" tracker="bnc">[TRACKERBUG] 5.3 powerpc base kernel fixes</issue>
<issue id="1193629" tracker="bnc">[TRACKERBUG] SLE15-SP4 backports for cifs.ko</issue>
<issue id="1194869" tracker="bnc">[TRACKERBUG] 5.14 powerpc base kernel fixes</issue>
<issue id="1198410" tracker="bnc">iSCSI qedi based installation hangs on reboot with warning</issue>
<issue id="1199356" tracker="bnc">SLES15-SP4 kernel WARNING kernel/workqueue.c process_one_work</issue>
<issue id="1199487" tracker="bnc">VUL-0: CVE-2022-1679: kernel-source,kernel-source-rt,kernel-source-azure: kernel: Use-After-Free in ath9k_htc_probe_device() could cause an escalation of privileges</issue>
<issue id="1201160" tracker="bnc">qla2xxx: update driver to 10.02.07.700-k</issue>
<issue id="1201956" tracker="bnc">Update Broadcom Emulex lpfc driver to 14.2.0.5</issue>
<issue id="1202094" tracker="bnc">VUL-0: CVE-2022-2585: kernel-source: use-after-free in POSIX CPU timer</issue>
<issue id="1202095" tracker="bnc">VUL-0: CVE-2022-2586: kernel-source: use-after-free with nf_tables cross-table reference</issue>
<issue id="1202564" tracker="bnc">VUL-0: CVE-2022-2905: kernel-source: Linux kernel slab-out-of-bound Read in bpf</issue>
<issue id="1202716" tracker="bnc">[PATCH] jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted</issue>
<issue id="1202823" tracker="bnc">ceph: don't leak snap_rwsem in handle_cap_grant</issue>
<issue id="1202860" tracker="bnc">VUL-0: CVE-2022-2905: kernel-source-azure,kernel-source,kernel-source-rt: slab-out-of-bound read in bpf</issue>
<issue id="1203197" tracker="bnc">SLES 15 SP4 - s390: fix double free of GS and RI CBs on fork() failure</issue>
<issue id="1203361" tracker="bnc">[PATCH] btrfs: fix space cache corruption and potential double allocations</issue>
<issue id="1205220" tracker="bnc">VUL-0: CVE-2022-3903: kernel: An invalid pipe direction in the mceusb driver cause DOS</issue>
<issue id="1205514" tracker="bnc">VUL-0: CVE-2022-4095: kernel: use after free in rtl8712 driver</issue>
<issue id="1205701" tracker="bnc">Update IOMMU and VFIO code to upstream Linux v6.0 for DRM backports</issue>
<issue id="1206451" tracker="bnc">wlan device QCNFA765 not detected</issue>
<issue id="1206664" tracker="bnc">VUL-0: CVE-2022-4662: kernel-source-azure,kernel-source-rt,kernel-source: Recursive locking violation in usb-storage that can cause the kernel to deadlock</issue>
<issue id="1206878" tracker="bnc">[PATCH] ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h</issue>
<issue id="1206880" tracker="bnc">[PATCH] ext4: avoid resizing to a partial cluster size</issue>
<issue id="1207361" tracker="bnc">SLE15-SP5 networking backports and fixes</issue>
<issue id="1207638" tracker="bnc">[PATCH] writeback: avoid use-after-free after removing device</issue>
<issue id="1211226" tracker="bnc">Eliminate the need for 'OBS source links': convert to _multibuild</issue>
<issue id="1212051" tracker="bnc">VUL-0: CVE-2023-3111: kernel: Use after free in prepare_to_relocate in fs/btrfs/relocation.c</issue>
<issue id="1213090" tracker="bnc">[PATCH] ext4: block range must be validated before use in ext4_mb_clear_bb()</issue>
<issue id="1218184" tracker="bnc">Eliminate the need for 'OBS source links': convert to _multibuild</issue>
<issue id="1218234" tracker="bnc">Adjust insufficient default bpf_jit_limit (SLE Micro 5.4/Elemental)</issue>
<issue id="1218470" tracker="bnc">server panicing on boot with iommu calls with a kernel higher than 5.14.21-150400.24.46.1</issue>
<issue id="1222634" tracker="bnc">VUL-0: CVE-2024-26808: kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain</issue>
<issue id="1223675" tracker="bnc">VUL-0: CVE-2024-26935: kernel: scsi: core: WARNING in proc_register</issue>
<issue id="1224095" tracker="bnc">VUL-0: CVE-2024-27397: kernel: netfilter: nf_tables: use timestamp to check for set element timeout</issue>
<issue id="1224597" tracker="bnc">VUL-0: CVE-2024-35840: kernel: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()</issue>
<issue id="1225468" tracker="bnc">VUL-0: CVE-2021-47557: kernel: net/sched: sch_ets: don't peek at classes beyond 'nbands'</issue>
<issue id="1225820" tracker="bnc">VUL-0: CVE-2024-36924: kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()</issue>
<issue id="1226514" tracker="bnc">VUL-0: CVE-2024-36978: kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune()</issue>
<issue id="1226552" tracker="bnc">VUL-0: CVE-2021-47595: kernel: net/sched: sch_ets: don't remove idle classes from the round-robin list</issue>
<issue id="1228659" tracker="bnc">Snapshot 20240730 - unbootable after transactional-update dup</issue>
<issue id="1230827" tracker="bnc">VUL-0: CVE-2024-46800: kernel: sch/netem: fix use after free in netem_dequeue</issue>
<issue id="1231293" tracker="bnc">kernel shown as unreleased</issue>
<issue id="1232504" tracker="bnc">VUL-0: CVE-2024-50077: kernel: Bluetooth: ISO: Fix multiple init when debugfs is disabled</issue>
<issue id="1234156" tracker="bnc">VUL-0: CVE-2024-53125: kernel: bpf: sync_linked_regs() must preserve subreg_def</issue>
<issue id="1234381" tracker="bnc">VUL-0: CVE-2024-53141: kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt</issue>
<issue id="1234454" tracker="bnc">Compiling external modules fails with "/usr/src/linux-6.13.0-rc2-1.gf92fc5d/include/config/auto.conf: No such file or directory"</issue>
<issue id="1235464" tracker="bnc">VUL-0: CVE-2024-53197: kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices</issue>
<issue id="1235637" tracker="bnc">VUL-0: CVE-2024-56770: kernel: net/sched: netem: account for backlog updates from child qdisc</issue>
<issue id="1236821" tracker="bnc">VUL-0: CVE-2023-52924: kernel: netfilter: nf_tables: don't skip expired elements during walk</issue>
<issue id="1236822" tracker="bnc">VUL-0: CVE-2023-52925: kernel: netfilter: nf_tables: don't fail inserts if duplicate has expired</issue>
<issue id="1237159" tracker="bnc">VUL-0: CVE-2025-21700: kernel: net: sched: Disallow replacing of child qdisc from one parent to another</issue>
<issue id="1237312" tracker="bnc">VUL-0: CVE-2025-21702: kernel: pfifo_tail_enqueue: Drop new packet when sch->limit == 0</issue>
<issue id="1237313" tracker="bnc">VUL-0: CVE-2025-21703: kernel: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()</issue>
<issue id="1238303" tracker="bnc">kernel-source:kernel-docs varies between builds</issue>
<issue id="1238526" tracker="bnc">VUL-0: CVE-2024-57999: kernel: powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW</issue>
<issue id="1238570" tracker="bnc">SUSE-2025 kernel fails supported.conf check when built on SLE 15 SP6</issue>
<issue id="1238876" tracker="bnc">VUL-0: CVE-2025-21756: kernel: vsock: Keep the binding until socket destruction</issue>
<issue id="1239986" tracker="bnc">/lib/modprobe.d/20-kernel-default-extra.conf is missing in 16.0</issue>
<issue id="1240785" tracker="bnc">Update from 20250329 failing</issue>
<issue id="1241038" tracker="bnc">Use "OrderWithRequires" in kernel binary packages</issue>
<issue id="1241640" tracker="bnc">VUL-0: CVE-2025-37785: kernel: ext4: fix OOB read when checking dotdot dir</issue>
<issue id="1241900" tracker="bnc">BUG: kernel NULL pointer dereference at ovl_dentry_upper+0x9</issue>
<issue id="1242006" tracker="bnc">VUL-0: CVE-2024-28956: Intel CPU: Indirect Target Selection (ITS)</issue>
<issue id="1242221" tracker="bnc">VUL-0: CVE-2023-53076: kernel: bpf: Adjust insufficient default bpf_jit_limit</issue>
<issue id="1242414" tracker="bnc">VUL-0: CVE-2025-37798: kernel: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()</issue>
<issue id="1242504" tracker="bnc">VUL-0: CVE-2025-37752: kernel: net_sched: sch_sfq: move the limit validation</issue>
<issue id="1242596" tracker="bnc">VUL-0: CVE-2025-23145: kernel: mptcp: fix NULL pointer in can_accept_new_subflow</issue>
<issue id="1242778" tracker="bnc">VUL-0: kernel: cBPF issue</issue>
<issue id="1242782" tracker="bnc">VUL-0: CVE-2025-23141: kernel: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses</issue>
<issue id="1242924" tracker="bnc">VUL-0: CVE-2025-37823: kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too</issue>
<issue id="1243330" tracker="bnc">VUL-0: CVE-2025-37890: kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc</issue>
<issue id="1243543" tracker="bnc">VUL-0: CVE-2025-37953: kernel: sch_htb: make htb_deactivate() idempotent</issue>
<issue id="1243627" tracker="bnc">VUL-0: CVE-2025-37932: kernel: sch_htb: make htb_qlen_notify() idempotent</issue>
<issue id="1243649" tracker="bnc">VUL-0: CVE-2025-37948: kernel: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs</issue>
<issue id="1243660" tracker="bnc">VUL-0: CVE-2025-37963: kernel: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users</issue>
<issue id="1243832" tracker="bnc">VUL-0: CVE-2025-37997: kernel: netfilter: ipset: fix region locking in hash types</issue>
<issue id="1244114" tracker="bnc">VUL-0: CVE-2023-53097: kernel: powerpc/iommu: fix memory leak with using debugfs_lookup()</issue>
<issue id="1244179" tracker="bnc">VUL-0: CVE-2023-53048: kernel: usb: typec: tcpm: fix warning when handle discover_identity message</issue>
<issue id="1244180" tracker="bnc">VUL-0: CVE-2023-53046: kernel: Bluetooth: Fix race condition in hci_cmd_sync_clear</issue>
<issue id="1244234" tracker="bnc">VUL-0: CVE-2025-38001: kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice</issue>
<issue id="1244241" tracker="bnc">The recent change of scripts/lib/SUSE/MyBS.pm broke osc_wrapper with --flavor option</issue>
<issue id="1244277" tracker="bnc">VUL-0: CVE-2025-38000: kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()</issue>
<issue id="1244309" tracker="bnc">Security vulnerability found in upstream kernel</issue>
<issue id="1244337" tracker="bnc">kernel-syms should not require kernel-rt-devel</issue>
<issue id="1244732" tracker="bnc">VUL-0: CVE-2025-38014: kernel: dmaengine: idxd: refactor remove call with idxd_cleanup() helper</issue>
<issue id="1244764" tracker="bnc">VUL-0: CVE-2022-50172: kernel: mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg</issue>
<issue id="1244765" tracker="bnc">VUL-0: CVE-2022-50171: kernel: crypto: hisilicon/sec - don't sleep when in softirq</issue>
<issue id="1244767" tracker="bnc">VUL-0: CVE-2022-50169: kernel: wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()</issue>
<issue id="1244770" tracker="bnc">VUL-0: CVE-2022-50164: kernel: wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue</issue>
<issue id="1244771" tracker="bnc">VUL-0: CVE-2022-50165: kernel: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`</issue>
<issue id="1244772" tracker="bnc">VUL-0: CVE-2022-50166: kernel: Bluetooth: When HCI work queue is drained, only queue chained work</issue>
<issue id="1244773" tracker="bnc">VUL-0: CVE-2022-50162: kernel: wifi: libertas: Fix possible refcount leak in if_usb_probe()</issue>
<issue id="1244774" tracker="bnc">VUL-0: CVE-2022-50161: kernel: mtd: maps: Fix refcount leak in of_flash_probe_versatile</issue>
<issue id="1244776" tracker="bnc">VUL-0: CVE-2022-50160: kernel: mtd: maps: Fix refcount leak in ap_flash_init</issue>
<issue id="1244779" tracker="bnc">VUL-0: CVE-2022-50158: kernel: mtd: partitions: Fix refcount leak in parse_redboot_of</issue>
<issue id="1244780" tracker="bnc">VUL-0: CVE-2022-50157: kernel: PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()</issue>
<issue id="1244781" tracker="bnc">VUL-0: CVE-2022-50155: kernel: mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset</issue>
<issue id="1244782" tracker="bnc">VUL-0: CVE-2022-50156: kernel: HID: cp2112: prevent a buffer overflow in cp2112_xfer()</issue>
<issue id="1244783" tracker="bnc">VUL-0: CVE-2022-50152: kernel: usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe</issue>
<issue id="1244784" tracker="bnc">VUL-0: CVE-2022-50154: kernel: PCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains()</issue>
<issue id="1244786" tracker="bnc">VUL-0: CVE-2022-50153: kernel: usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe</issue>
<issue id="1244787" tracker="bnc">VUL-0: CVE-2022-50145: kernel: dmaengine: sf-pdma: Add multithread support for a DMA channel</issue>
<issue id="1244788" tracker="bnc">VUL-0: CVE-2022-50146: kernel: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors</issue>
<issue id="1244790" tracker="bnc">VUL-0: CVE-2022-50143: kernel: intel_th: Fix a resource leak in an error handling path</issue>
<issue id="1244791" tracker="bnc">VUL-0: CVE-2022-50144: kernel: soundwire: revisit driver bind/unbind and callbacks</issue>
<issue id="1244793" tracker="bnc">VUL-0: CVE-2022-50140: kernel: memstick/ms_block: Fix a memory leak</issue>
<issue id="1244794" tracker="bnc">VUL-0: CVE-2022-50141: kernel: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch</issue>
<issue id="1244796" tracker="bnc">VUL-0: CVE-2022-50142: kernel: intel_th: msu: Fix vmalloced buffers</issue>
<issue id="1244797" tracker="bnc">VUL-0: CVE-2022-50138: kernel: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()</issue>
<issue id="1244798" tracker="bnc">VUL-0: CVE-2022-50139: kernel: usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()</issue>
<issue id="1244800" tracker="bnc">VUL-0: CVE-2022-50137: kernel: RDMA/irdma: Fix a window for use-after-free</issue>
<issue id="1244802" tracker="bnc">VUL-0: CVE-2022-50134: kernel: RDMA/hfi1: fix potential memory leak in setup_base_ctxt()</issue>
<issue id="1244804" tracker="bnc">VUL-0: CVE-2022-50136: kernel: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event</issue>
<issue id="1244805" tracker="bnc">VUL-0: CVE-2022-50135: kernel: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup</issue>
<issue id="1244806" tracker="bnc">VUL-0: CVE-2022-50133: kernel: usb: xhci_plat_remove: avoid NULL dereference</issue>
<issue id="1244807" tracker="bnc">VUL-0: CVE-2022-50131: kernel: HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()</issue>
<issue id="1244808" tracker="bnc">VUL-0: CVE-2022-50132: kernel: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()</issue>
<issue id="1244811" tracker="bnc">VUL-0: CVE-2022-50129: kernel: RDMA/srpt: Fix a use-after-free</issue>
<issue id="1244813" tracker="bnc">VUL-0: CVE-2022-50126: kernel: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted</issue>
<issue id="1244814" tracker="bnc">VUL-0: CVE-2022-50125: kernel: ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe</issue>
<issue id="1244815" tracker="bnc">VUL-0: CVE-2022-50127: kernel: RDMA/rxe: Fix error unwind in rxe_create_qp()</issue>
<issue id="1244816" tracker="bnc">VUL-0: CVE-2022-50124: kernel: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe</issue>
<issue id="1244819" tracker="bnc">VUL-0: CVE-2022-50120: kernel: remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init</issue>
<issue id="1244820" tracker="bnc">VUL-0: CVE-2022-49938: kernel: cifs: fix small mempool leak in SMB2_negotiate()</issue>
<issue id="1244823" tracker="bnc">VUL-0: CVE-2022-50121: kernel: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init</issue>
<issue id="1244824" tracker="bnc">VUL-0: CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path</issue>
<issue id="1244825" tracker="bnc">VUL-0: CVE-2022-50118: kernel: powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable</issue>
<issue id="1244826" tracker="bnc">VUL-0: CVE-2022-50117: kernel: vfio: Split migration ops from main device ops</issue>
<issue id="1244827" tracker="bnc">VUL-0: CVE-2022-50115: kernel: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes</issue>
<issue id="1244830" tracker="bnc">VUL-0: CVE-2022-50110: kernel: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource</issue>
<issue id="1244831" tracker="bnc">VUL-0: CVE-2022-50111: kernel: ASoC: mt6359: Fix refcount leak bug</issue>
<issue id="1244832" tracker="bnc">VUL-0: CVE-2022-50112: kernel: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge</issue>
<issue id="1244834" tracker="bnc">VUL-0: CVE-2022-50108: kernel: mfd: max77620: Fix refcount leak in max77620_initialise_fps</issue>
<issue id="1244836" tracker="bnc">VUL-0: CVE-2022-50104: kernel: powerpc/xive: Fix refcount leak in xive_get_max_prio</issue>
<issue id="1244838" tracker="bnc">VUL-0: CVE-2022-50102: kernel: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()</issue>
<issue id="1244839" tracker="bnc">VUL-0: CVE-2022-50101: kernel: video: fbdev: vt8623fb: Check the size of screen before memset_io()</issue>
<issue id="1244840" tracker="bnc">VUL-0: CVE-2022-50103: kernel: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed</issue>
<issue id="1244841" tracker="bnc">VUL-0: CVE-2022-50098: kernel: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts</issue>
<issue id="1244842" tracker="bnc">VUL-0: CVE-2022-50099: kernel: video: fbdev: arkfb: Check the size of screen before memset_io()</issue>
<issue id="1244843" tracker="bnc">VUL-0: CVE-2022-50100: kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask</issue>
<issue id="1244845" tracker="bnc">VUL-0: CVE-2022-50097: kernel: video: fbdev: s3fb: Check the size of screen before memset_io()</issue>
<issue id="1244846" tracker="bnc">VUL-0: CVE-2022-50095: kernel: posix-cpu-timers: Cleanup CPU timers before freeing them during exec</issue>
<issue id="1244848" tracker="bnc">VUL-0: CVE-2022-50092: kernel: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback</issue>
<issue id="1244849" tracker="bnc">VUL-0: CVE-2022-50093: kernel: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)</issue>
<issue id="1244851" tracker="bnc">VUL-0: CVE-2022-50094: kernel: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions</issue>
<issue id="1244853" tracker="bnc">VUL-0: CVE-2022-50231: kernel: crypto: arm64/poly1305 - fix a read out-of-bound</issue>
<issue id="1244854" tracker="bnc">VUL-0: CVE-2022-50228: kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0</issue>
<issue id="1244856" tracker="bnc">VUL-0: CVE-2022-50229: kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing</issue>
<issue id="1244858" tracker="bnc">VUL-0: CVE-2022-50221: kernel: drm/fb-helper: Fix out-of-bounds access</issue>
<issue id="1244860" tracker="bnc">VUL-0: CVE-2022-50226: kernel: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak</issue>
<issue id="1244861" tracker="bnc">VUL-0: CVE-2022-50218: kernel: iio: light: isl29028: Fix the warning in isl29028_remove()</issue>
<issue id="1244866" tracker="bnc">VUL-0: CVE-2022-49940: kernel: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()</issue>
<issue id="1244867" tracker="bnc">VUL-0: CVE-2022-50213: kernel: netfilter: nf_tables: do not allow SET_ID to refer to another table</issue>
<issue id="1244868" tracker="bnc">VUL-0: CVE-2022-50209: kernel: meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init</issue>
<issue id="1244869" tracker="bnc">VUL-0: CVE-2022-50212: kernel: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table</issue>
<issue id="1244870" tracker="bnc">VUL-0: CVE-2022-50208: kernel: soc: amlogic: Fix refcount leak in meson-secure-pwrc.c</issue>
<issue id="1244871" tracker="bnc">VUL-0: CVE-2022-50207: kernel: ARM: bcm: Fix refcount leak in bcm_kona_smc_init</issue>
<issue id="1244872" tracker="bnc">VUL-0: CVE-2022-50198: kernel: ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init</issue>
<issue id="1244873" tracker="bnc">VUL-0: CVE-2022-50199: kernel: ARM: OMAP2+: Fix refcount leak in omapdss_init_of</issue>
<issue id="1244875" tracker="bnc">VUL-0: CVE-2022-50196: kernel: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem</issue>
<issue id="1244876" tracker="bnc">VUL-0: CVE-2022-50197: kernel: cpufreq: zynq: Fix refcount leak in zynq_get_revision</issue>
<issue id="1244878" tracker="bnc">VUL-0: CVE-2022-50194: kernel: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register</issue>
<issue id="1244879" tracker="bnc">VUL-0: CVE-2022-50192: kernel: spi: tegra20-slink: fix UAF in tegra_slink_remove()</issue>
<issue id="1244881" tracker="bnc">VUL-0: CVE-2022-49942: kernel: wifi: mac80211: don't finalize CSA in IBSS mode if state is disconnected</issue>
<issue id="1244883" tracker="bnc">VUL-0: CVE-2022-50149: kernel: driver core: fix potential deadlock in __driver_attach</issue>
<issue id="1244884" tracker="bnc">VUL-0: CVE-2022-50109: kernel: video: fbdev: amba-clcd: Fix refcount leak bugs</issue>
<issue id="1244886" tracker="bnc">VUL-0: CVE-2022-50179: kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb</issue>
<issue id="1244887" tracker="bnc">VUL-0: CVE-2022-50185: kernel: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()</issue>
<issue id="1244888" tracker="bnc">VUL-0: CVE-2022-50186: kernel: ath11k: fix missing skb drop on htc_tx_completion error</issue>
<issue id="1244890" tracker="bnc">VUL-0: CVE-2022-50187: kernel: ath11k: fix netdev open race</issue>
<issue id="1244892" tracker="bnc">VUL-0: CVE-2022-50188: kernel: drm/meson: Fix refcount leak in meson_encoder_hdmi_init</issue>
<issue id="1244893" tracker="bnc">VUL-0: CVE-2022-50183: kernel: drm/meson: encoder_cvbs: Fix refcount leak in meson_encoder_cvbs_init</issue>
<issue id="1244895" tracker="bnc">VUL-0: CVE-2022-50190: kernel: spi: Fix simplification of devm_spi_register_controller</issue>
<issue id="1244898" tracker="bnc">VUL-0: CVE-2022-50184: kernel: drm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init</issue>
<issue id="1244899" tracker="bnc">VUL-0: CVE-2022-50191: kernel: regulator: of: Fix refcount leak bug in of_get_regulation_constraints()</issue>
<issue id="1244900" tracker="bnc">VUL-0: CVE-2022-50178: kernel: wifi: rtw89: 8852a: rfk: fix div 0 exception</issue>
<issue id="1244901" tracker="bnc">VUL-0: CVE-2022-50181: kernel: virtio-gpu: fix a missing check to avoid NULL dereference</issue>
<issue id="1244902" tracker="bnc">VUL-0: CVE-2022-50176: kernel: drm/mcde: Fix refcount leak in mcde_dsi_bind</issue>
<issue id="1244903" tracker="bnc">VUL-0: CVE-2022-50175: kernel: media: tw686x: Fix memory leak in tw686x_video_init</issue>
<issue id="1244904" tracker="bnc">VUL-0: CVE-2022-49943: kernel: USB: gadget: fix obscure lockdep violation for udc_mutex</issue>
<issue id="1244905" tracker="bnc">VUL-0: CVE-2022-49944: kernel: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()"</issue>
<issue id="1244908" tracker="bnc">VUL-0: CVE-2022-49945: kernel: hwmon: (gpio-fan) Fix array out of bounds access</issue>
<issue id="1244911" tracker="bnc">VUL-0: CVE-2022-49960: kernel: drm/i915: fix null pointer dereference</issue>
<issue id="1244912" tracker="bnc">VUL-0: CVE-2022-49962: kernel: xhci: fix null pointer dereference in remove if xHC has only one roothub</issue>
<issue id="1244914" tracker="bnc">VUL-0: CVE-2022-49963: kernel: drm/i915/ttm: fix CCS handling</issue>
<issue id="1244915" tracker="bnc">VUL-0: CVE-2022-50011: kernel: venus: pm_helpers: fix warning in OPP during probe</issue>
<issue id="1244928" tracker="bnc">VUL-0: CVE-2022-49949: kernel: firmware_loader: Fix memory leak in firmware upload</issue>
<issue id="1244936" tracker="bnc">VUL-0: CVE-2022-49977: kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead</issue>
<issue id="1244940" tracker="bnc">VUL-0: CVE-2022-49951: kernel: firmware_loader: Fix use-after-free during unregister</issue>
<issue id="1244941" tracker="bnc">VUL-0: CVE-2022-50036: kernel: drm/sun4i: dsi: Prevent underflow when computing packet sizes</issue>
<issue id="1244942" tracker="bnc">VUL-0: CVE-2022-50039: kernel: stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove()</issue>
<issue id="1244943" tracker="bnc">VUL-0: CVE-2022-50038: kernel: drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()</issue>
<issue id="1244944" tracker="bnc">VUL-0: CVE-2022-49946: kernel: clk: bcm: rpi: Prevent out-of-bounds access</issue>
<issue id="1244945" tracker="bnc">VUL-0: CVE-2022-49952: kernel: misc: fastrpc: fix memory corruption on probe</issue>
<issue id="1244948" tracker="bnc">VUL-0: CVE-2022-49986: kernel: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq</issue>
<issue id="1244949" tracker="bnc">VUL-0: CVE-2022-50040: kernel: net: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions()</issue>
<issue id="1244950" tracker="bnc">VUL-0: CVE-2022-49984: kernel: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report</issue>
<issue id="1244953" tracker="bnc">VUL-0: CVE-2022-50037: kernel: drm/i915/ttm: don't leak the ccs state</issue>
<issue id="1244955" tracker="bnc">VUL-0: CVE-2022-50035: kernel: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex</issue>
<issue id="1244956" tracker="bnc">VUL-0: CVE-2022-49985: kernel: bpf: Don't use tnum_range on array range checking for poke descriptors</issue>
<issue id="1244957" tracker="bnc">VUL-0: CVE-2022-50041: kernel: ice: Fix call trace with null VSI during VF reset</issue>
<issue id="1244958" tracker="bnc">VUL-0: CVE-2022-49950: kernel: misc: fastrpc: fix memory corruption on open</issue>
<issue id="1244959" tracker="bnc">VUL-0: CVE-2022-49968: kernel: ieee802154/adf7242: defer destroy_workqueue call</issue>
<issue id="1244960" tracker="bnc">VUL-0: CVE-2022-49972: kernel: xsk: Fix corrupted packets for XDP_SHARED_UMEM</issue>
<issue id="1244961" tracker="bnc">VUL-0: CVE-2022-50044: kernel: net: qrtr: start MHI channel after endpoit creation</issue>
<issue id="1244965" tracker="bnc">VUL-0: CVE-2022-50074: kernel: apparmor: Fix memleak in aa_simple_write_to_buffer()</issue>
<issue id="1244966" tracker="bnc">VUL-0: CVE-2022-49957: kernel: kcm: fix strp_init() order and cleanup</issue>
<issue id="1244967" tracker="bnc">VUL-0: CVE-2022-50045: kernel: powerpc/pci: Fix get_phb_number() locking</issue>
<issue id="1244968" tracker="bnc">VUL-0: CVE-2022-50083: kernel: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h</issue>
<issue id="1244969" tracker="bnc">VUL-0: CVE-2022-49956: kernel: staging: rtl8712: fix use after free bugs</issue>
<issue id="1244970" tracker="bnc">VUL-0: CVE-2022-50079: kernel: drm/amd/display: Check correct bounds for stream encoder instances for DCN303</issue>
<issue id="1244973" tracker="bnc">VUL-0: CVE-2022-50049: kernel: ASoC: DPCM: Don't pick up BE without substream</issue>
<issue id="1244974" tracker="bnc">VUL-0: CVE-2022-49958: kernel: net/sched: fix netdevice reference leaks in attach_default_qdiscs()</issue>
<issue id="1244976" tracker="bnc">VUL-0: CVE-2022-49954: kernel: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag</issue>
<issue id="1244977" tracker="bnc">VUL-0: CVE-2022-50077: kernel: apparmor: fix reference count leak in aa_pivotroot()</issue>
<issue id="1244978" tracker="bnc">VUL-0: CVE-2022-50073: kernel: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null</issue>
<issue id="1244979" tracker="bnc">VUL-0: CVE-2022-50072: kernel: NFSv4/pnfs: Fix a use-after-free bug in open</issue>
<issue id="1244983" tracker="bnc">VUL-0: CVE-2022-50076: kernel: cifs: Fix memory leak on the deferred close</issue>
<issue id="1244984" tracker="bnc">VUL-0: CVE-2022-49936: kernel: USB: core: Prevent nested device-reset calls</issue>
<issue id="1244985" tracker="bnc">VUL-0: CVE-2022-50066: kernel: net: atlantic: fix aq_vec index out of range error</issue>
<issue id="1244986" tracker="bnc">VUL-0: CVE-2022-50065: kernel: virtio_net: fix memory leak inside XPD_TX with mergeable</issue>
<issue id="1244987" tracker="bnc">VUL-0: CVE-2022-50050: kernel: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf()</issue>
<issue id="1244991" tracker="bnc">VUL-0: CVE-2022-50046: kernel: net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()</issue>
<issue id="1244992" tracker="bnc">VUL-0: CVE-2022-50173: kernel: drm/msm/mdp5: Fix global state lock backoff</issue>
<issue id="1244993" tracker="bnc">VUL-0: CVE-2022-50047: kernel: net: dsa: mv88e6060: prevent crash on an unused port</issue>
<issue id="1245006" tracker="bnc">VUL-0: CVE-2022-49990: kernel: s390: fix double free of GS and RI CBs on fork() failure</issue>
<issue id="1245007" tracker="bnc">VUL-0: CVE-2022-49989: kernel: xen/privcmd: fix error exit of privcmd_ioctl_dm_op()</issue>
<issue id="1245009" tracker="bnc">VUL-0: CVE-2022-50008: kernel: kprobes: don't call disarm_kprobe() for disabled kprobes</issue>
<issue id="1245011" tracker="bnc">VUL-0: CVE-2022-50005: kernel: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout</issue>
<issue id="1245012" tracker="bnc">VUL-0: CVE-2022-49995: kernel: writeback: avoid use-after-free after removing device</issue>
<issue id="1245015" tracker="bnc">VUL-0: CVE-2022-50003: kernel: ice: xsk: prohibit usage of non-balanced queue id</issue>
<issue id="1245018" tracker="bnc">VUL-0: CVE-2022-50006: kernel: NFSv4.2 fix problems with __nfs42_ssc_open</issue>
<issue id="1245019" tracker="bnc">VUL-0: CVE-2022-49999: kernel: btrfs: fix space cache corruption and potential double allocations</issue>
<issue id="1245023" tracker="bnc">VUL-0: CVE-2022-50002: kernel: net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY</issue>
<issue id="1245024" tracker="bnc">VUL-0: CVE-2022-49987: kernel: md: call __md_stop_writes in md_stop</issue>
<issue id="1245028" tracker="bnc">VUL-0: CVE-2022-50062: kernel: net: bgmac: Fix a BUG triggered by wrong bytes_compl</issue>
<issue id="1245031" tracker="bnc">VUL-0: CVE-2022-50059: kernel: ceph: don't leak snap_rwsem in handle_cap_grant</issue>
<issue id="1245032" tracker="bnc">VUL-0: CVE-2022-50060: kernel: octeontx2-af: Fix mcam entry resource leak</issue>
<issue id="1245033" tracker="bnc">VUL-0: CVE-2022-50061: kernel: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map</issue>
<issue id="1245038" tracker="bnc">VUL-0: CVE-2022-50053: kernel: iavf: Fix reset error handling</issue>
<issue id="1245039" tracker="bnc">VUL-0: CVE-2022-50055: kernel: iavf: Fix adminq error handling</issue>
<issue id="1245040" tracker="bnc">VUL-0: CVE-2022-50054: kernel: iavf: Fix NULL pointer dereference in iavf_get_link_ksettings</issue>
<issue id="1245041" tracker="bnc">VUL-0: CVE-2022-50051: kernel: ASoC: SOF: debug: Fix potential buffer overflow by snprintf()</issue>
<issue id="1245047" tracker="bnc">VUL-0: CVE-2022-50067: kernel: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()</issue>
<issue id="1245048" tracker="bnc">VUL-0: CVE-2022-50052: kernel: ASoC: Intel: avs: Fix potential buffer overflow by snprintf()</issue>
<issue id="1245051" tracker="bnc">VUL-0: CVE-2022-49934: kernel: wifi: mac80211: Fix UAF in ieee80211_scan_rx()</issue>
<issue id="1245052" tracker="bnc">VUL-0: CVE-2022-49935: kernel: dma-buf/dma-resv: check if the new fence is really later</issue>
<issue id="1245057" tracker="bnc">VUL-0: CVE-2022-49937: kernel: media: mceusb: Use new usb_control_msg_*() routines</issue>
<issue id="1245058" tracker="bnc">VUL-0: CVE-2022-49948: kernel: vt: Clear selection before changing the font</issue>
<issue id="1245060" tracker="bnc">VUL-0: CVE-2022-49969: kernel: drm/amd/display: clear optc underflow before turn off odm clock</issue>
<issue id="1245062" tracker="bnc">VUL-0: CVE-2022-49966: kernel: drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid</issue>
<issue id="1245063" tracker="bnc">VUL-0: CVE-2022-49965: kernel: drm/amd/pm: add missing ->fini_xxxx interfaces for some SMU13 asics</issue>
<issue id="1245064" tracker="bnc">VUL-0: CVE-2022-49964: kernel: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level</issue>
<issue id="1245069" tracker="bnc">VUL-0: CVE-2022-49982: kernel: media: pvrusb2: fix memory leak in pvr_probe</issue>
<issue id="1245070" tracker="bnc">VUL-0: CVE-2022-49971: kernel: drm/amd/pm: Fix a potential gpu_metrics_table memory leak</issue>
<issue id="1245072" tracker="bnc">VUL-0: CVE-2022-49981: kernel: HID: hidraw: fix memory leak in hidraw_release()</issue>
<issue id="1245073" tracker="bnc">VUL-0: CVE-2022-50027: kernel: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE</issue>
<issue id="1245088" tracker="bnc">VUL-0: CVE-2022-50026: kernel: habanalabs/gaudi: fix shift out of bounds</issue>
<issue id="1245089" tracker="bnc">VUL-0: CVE-2022-50034: kernel: usb: cdns3 fix use-after-free at workaround 2</issue>
<issue id="1245092" tracker="bnc">VUL-0: CVE-2022-49983: kernel: udmabuf: Set the DMA mask for the udmabuf device (v2)</issue>
<issue id="1245093" tracker="bnc">VUL-0: CVE-2022-50151: kernel: usb: cdns3: fix random warning message when driver load</issue>
<issue id="1245094" tracker="bnc">VUL-0: CVE-2022-50015: kernel: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot</issue>
<issue id="1245098" tracker="bnc">VUL-0: CVE-2022-50019: kernel: tty: serial: Fix refcount leak bug in ucc_uart.c</issue>
<issue id="1245103" tracker="bnc">VUL-0: CVE-2022-50032: kernel: usb: renesas: Fix refcount leak bug</issue>
<issue id="1245116" tracker="bnc">VUL-0: CVE-2022-50086: kernel: block: don't allow the same type rq_qos add more than once</issue>
<issue id="1245117" tracker="bnc">VUL-0: CVE-2022-50084: kernel: dm raid: fix address sanitizer warning in raid_status</issue>
<issue id="1245118" tracker="bnc">VUL-0: CVE-2022-50031: kernel: scsi: iscsi: Fix HW conn removal use after free</issue>
<issue id="1245119" tracker="bnc">VUL-0: CVE-2022-50087: kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails</issue>
<issue id="1245121" tracker="bnc">VUL-0: CVE-2022-49993: kernel: loop: check for overflow while configuring loop</issue>
<issue id="1245122" tracker="bnc">VUL-0: CVE-2022-50010: kernel: video: fbdev: i740fb: check the argument of i740_calc_vclk()</issue>
<issue id="1245125" tracker="bnc">VUL-0: CVE-2022-50012: kernel: powerpc/64: init jump labels before parse_early_param()</issue>
<issue id="1245129" tracker="bnc">VUL-0: CVE-2022-50020: kernel: ext4: avoid resizing to a partial cluster size</issue>
<issue id="1245131" tracker="bnc">VUL-0: CVE-2022-50022: kernel: drivers:md:fix a potential use-after-free bug</issue>
<issue id="1245133" tracker="bnc">VUL-0: CVE-2022-50024: kernel: dmaengine: dw-axi-dmac: do not print NULL LLI during error</issue>
<issue id="1245134" tracker="bnc">VUL-0: CVE-2022-50023: kernel: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor</issue>
<issue id="1245135" tracker="bnc">VUL-0: CVE-2022-50028: kernel: gadgetfs: ep_io - wait until IRQ finishes</issue>
<issue id="1245136" tracker="bnc">VUL-0: CVE-2022-50222: kernel: tty: vt: initialize unicode screen buffer</issue>
<issue id="1245138" tracker="bnc">VUL-0: CVE-2022-50215: kernel: scsi: sg: allow waiting for commands to complete on removed device</issue>
<issue id="1245139" tracker="bnc">VUL-0: CVE-2022-50033: kernel: usb: host: ohci-ppc-of: Fix refcount leak bug</issue>
<issue id="1245140" tracker="bnc">VUL-0: CVE-2022-50211: kernel: md-raid10: fix KASAN warning</issue>
<issue id="1245142" tracker="bnc">VUL-0: CVE-2022-50068: kernel: drm/ttm: Fix dummy res NULL ptr deref bug</issue>
<issue id="1245146" tracker="bnc">VUL-0: CVE-2022-50029: kernel: clk: qcom: ipq8074: dont disable gcc_sleep_clk_src</issue>
<issue id="1245147" tracker="bnc">VUL-0: CVE-2022-50085: kernel: dm raid: fix address sanitizer warning in raid_resume</issue>
<issue id="1245149" tracker="bnc">VUL-0: CVE-2022-50200: kernel: selinux: add boundary check in put_entry()</issue>
<issue id="1245152" tracker="bnc">VUL-0: CVE-2022-50206: kernel: arm64: fix oops in concurrently setting insn_emulation sysctls</issue>
<issue id="1245154" tracker="bnc">VUL-0: CVE-2022-50202: kernel: PM: hibernate: defer device probing when resuming from hibernation</issue>
<issue id="1245155" tracker="bnc">VUL-0: CVE-2025-38060: kernel: bpf: copy_verifier_state() should copy 'loop_entry' field</issue>
<issue id="1245180" tracker="bnc">VUL-0: CVE-2022-50021: kernel: ext4: block range must be validated before use in ext4_mb_clear_bb()</issue>
<issue id="1245183" tracker="bnc">VUL-0: CVE-2025-38083: kernel: net_sched: prio: fix a race in prio_tune()</issue>
<issue id="1245189" tracker="bnc">VUL-0: CVE-2022-50203: kernel: ARM: OMAP2+: display: Fix refcount leak bug</issue>
<issue id="1245191" tracker="bnc">VUL-0: CVE-2022-50204: kernel: ARM: OMAP2+: pdata-quirks: Fix refcount leak bug</issue>
<issue id="1245195" tracker="bnc">VUL-0: CVE-2022-49978: kernel: fbdev: fb_pm2fb: Avoid potential divide by zero error</issue>
<issue id="1245197" tracker="bnc">VUL-0: CVE-2022-50201: kernel: selinux: fix memleak in security_read_state_kernel()</issue>
<issue id="1245265" tracker="bnc">VUL-0: CVE-2022-50030: kernel: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input</issue>
<issue id="1245340" tracker="bnc">VUL-0: CVE-2022-50016: kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot</issue>
<issue id="1245348" tracker="bnc">VUL-0: CVE-2022-50220: kernel: usbnet: Fix linkwatch use-after-free on disconnect</issue>
<issue id="1245431" tracker="bnc">HugeTLB - fix unshare pages</issue>
<issue id="1245455" tracker="bnc">[storvsc][Backport] scsi: storvsc: Increase the timeouts to storvsc_timeout</issue>
<issue id="2021-47557" tracker="cve" />
<issue id="2021-47595" tracker="cve" />
<issue id="2022-1679" tracker="cve" />
<issue id="2022-2585" tracker="cve" />
<issue id="2022-2586" tracker="cve" />
<issue id="2022-2905" tracker="cve" />
<issue id="2022-3903" tracker="cve" />
<issue id="2022-4095" tracker="cve" />
<issue id="2022-4662" tracker="cve" />
<issue id="2022-49934" tracker="cve" />
<issue id="2022-49935" tracker="cve" />
<issue id="2022-49936" tracker="cve" />
<issue id="2022-49937" tracker="cve" />
<issue id="2022-49938" tracker="cve" />
<issue id="2022-49940" tracker="cve" />
<issue id="2022-49942" tracker="cve" />
<issue id="2022-49943" tracker="cve" />
<issue id="2022-49944" tracker="cve" />
<issue id="2022-49945" tracker="cve" />
<issue id="2022-49946" tracker="cve" />
<issue id="2022-49948" tracker="cve" />
<issue id="2022-49949" tracker="cve" />
<issue id="2022-49950" tracker="cve" />
<issue id="2022-49951" tracker="cve" />
<issue id="2022-49952" tracker="cve" />
<issue id="2022-49954" tracker="cve" />
<issue id="2022-49956" tracker="cve" />
<issue id="2022-49957" tracker="cve" />
<issue id="2022-49958" tracker="cve" />
<issue id="2022-49960" tracker="cve" />
<issue id="2022-49962" tracker="cve" />
<issue id="2022-49963" tracker="cve" />
<issue id="2022-49964" tracker="cve" />
<issue id="2022-49965" tracker="cve" />
<issue id="2022-49966" tracker="cve" />
<issue id="2022-49968" tracker="cve" />
<issue id="2022-49969" tracker="cve" />
<issue id="2022-49971" tracker="cve" />
<issue id="2022-49972" tracker="cve" />
<issue id="2022-49977" tracker="cve" />
<issue id="2022-49978" tracker="cve" />
<issue id="2022-49980" tracker="cve" />
<issue id="2022-49981" tracker="cve" />
<issue id="2022-49982" tracker="cve" />
<issue id="2022-49983" tracker="cve" />
<issue id="2022-49984" tracker="cve" />
<issue id="2022-49985" tracker="cve" />
<issue id="2022-49986" tracker="cve" />
<issue id="2022-49987" tracker="cve" />
<issue id="2022-49989" tracker="cve" />
<issue id="2022-49990" tracker="cve" />
<issue id="2022-49993" tracker="cve" />
<issue id="2022-49995" tracker="cve" />
<issue id="2022-49999" tracker="cve" />
<issue id="2022-50002" tracker="cve" />
<issue id="2022-50003" tracker="cve" />
<issue id="2022-50005" tracker="cve" />
<issue id="2022-50006" tracker="cve" />
<issue id="2022-50008" tracker="cve" />
<issue id="2022-50010" tracker="cve" />
<issue id="2022-50011" tracker="cve" />
<issue id="2022-50012" tracker="cve" />
<issue id="2022-50015" tracker="cve" />
<issue id="2022-50016" tracker="cve" />
<issue id="2022-50019" tracker="cve" />
<issue id="2022-50020" tracker="cve" />
<issue id="2022-50021" tracker="cve" />
<issue id="2022-50022" tracker="cve" />
<issue id="2022-50023" tracker="cve" />
<issue id="2022-50024" tracker="cve" />
<issue id="2022-50026" tracker="cve" />
<issue id="2022-50027" tracker="cve" />
<issue id="2022-50028" tracker="cve" />
<issue id="2022-50029" tracker="cve" />
<issue id="2022-50030" tracker="cve" />
<issue id="2022-50031" tracker="cve" />
<issue id="2022-50032" tracker="cve" />
<issue id="2022-50033" tracker="cve" />
<issue id="2022-50034" tracker="cve" />
<issue id="2022-50035" tracker="cve" />
<issue id="2022-50036" tracker="cve" />
<issue id="2022-50037" tracker="cve" />
<issue id="2022-50038" tracker="cve" />
<issue id="2022-50039" tracker="cve" />
<issue id="2022-50040" tracker="cve" />
<issue id="2022-50041" tracker="cve" />
<issue id="2022-50044" tracker="cve" />
<issue id="2022-50045" tracker="cve" />
<issue id="2022-50046" tracker="cve" />
<issue id="2022-50047" tracker="cve" />
<issue id="2022-50049" tracker="cve" />
<issue id="2022-50050" tracker="cve" />
<issue id="2022-50051" tracker="cve" />
<issue id="2022-50052" tracker="cve" />
<issue id="2022-50053" tracker="cve" />
<issue id="2022-50054" tracker="cve" />
<issue id="2022-50055" tracker="cve" />
<issue id="2022-50059" tracker="cve" />
<issue id="2022-50060" tracker="cve" />
<issue id="2022-50061" tracker="cve" />
<issue id="2022-50062" tracker="cve" />
<issue id="2022-50065" tracker="cve" />
<issue id="2022-50066" tracker="cve" />
<issue id="2022-50067" tracker="cve" />
<issue id="2022-50068" tracker="cve" />
<issue id="2022-50072" tracker="cve" />
<issue id="2022-50073" tracker="cve" />
<issue id="2022-50074" tracker="cve" />
<issue id="2022-50076" tracker="cve" />
<issue id="2022-50077" tracker="cve" />
<issue id="2022-50079" tracker="cve" />
<issue id="2022-50083" tracker="cve" />
<issue id="2022-50084" tracker="cve" />
<issue id="2022-50085" tracker="cve" />
<issue id="2022-50086" tracker="cve" />
<issue id="2022-50087" tracker="cve" />
<issue id="2022-50092" tracker="cve" />
<issue id="2022-50093" tracker="cve" />
<issue id="2022-50094" tracker="cve" />
<issue id="2022-50095" tracker="cve" />
<issue id="2022-50097" tracker="cve" />
<issue id="2022-50098" tracker="cve" />
<issue id="2022-50099" tracker="cve" />
<issue id="2022-50100" tracker="cve" />
<issue id="2022-50101" tracker="cve" />
<issue id="2022-50102" tracker="cve" />
<issue id="2022-50103" tracker="cve" />
<issue id="2022-50104" tracker="cve" />
<issue id="2022-50108" tracker="cve" />
<issue id="2022-50109" tracker="cve" />
<issue id="2022-50110" tracker="cve" />
<issue id="2022-50111" tracker="cve" />
<issue id="2022-50112" tracker="cve" />
<issue id="2022-50115" tracker="cve" />
<issue id="2022-50116" tracker="cve" />
<issue id="2022-50117" tracker="cve" />
<issue id="2022-50118" tracker="cve" />
<issue id="2022-50120" tracker="cve" />
<issue id="2022-50121" tracker="cve" />
<issue id="2022-50124" tracker="cve" />
<issue id="2022-50125" tracker="cve" />
<issue id="2022-50126" tracker="cve" />
<issue id="2022-50127" tracker="cve" />
<issue id="2022-50129" tracker="cve" />
<issue id="2022-50131" tracker="cve" />
<issue id="2022-50132" tracker="cve" />
<issue id="2022-50133" tracker="cve" />
<issue id="2022-50134" tracker="cve" />
<issue id="2022-50135" tracker="cve" />
<issue id="2022-50136" tracker="cve" />
<issue id="2022-50137" tracker="cve" />
<issue id="2022-50138" tracker="cve" />
<issue id="2022-50139" tracker="cve" />
<issue id="2022-50140" tracker="cve" />
<issue id="2022-50141" tracker="cve" />
<issue id="2022-50142" tracker="cve" />
<issue id="2022-50143" tracker="cve" />
<issue id="2022-50144" tracker="cve" />
<issue id="2022-50145" tracker="cve" />
<issue id="2022-50146" tracker="cve" />
<issue id="2022-50149" tracker="cve" />
<issue id="2022-50151" tracker="cve" />
<issue id="2022-50152" tracker="cve" />
<issue id="2022-50153" tracker="cve" />
<issue id="2022-50154" tracker="cve" />
<issue id="2022-50155" tracker="cve" />
<issue id="2022-50156" tracker="cve" />
<issue id="2022-50157" tracker="cve" />
<issue id="2022-50158" tracker="cve" />
<issue id="2022-50160" tracker="cve" />
<issue id="2022-50161" tracker="cve" />
<issue id="2022-50162" tracker="cve" />
<issue id="2022-50164" tracker="cve" />
<issue id="2022-50165" tracker="cve" />
<issue id="2022-50166" tracker="cve" />
<issue id="2022-50169" tracker="cve" />
<issue id="2022-50171" tracker="cve" />
<issue id="2022-50172" tracker="cve" />
<issue id="2022-50173" tracker="cve" />
<issue id="2022-50175" tracker="cve" />
<issue id="2022-50176" tracker="cve" />
<issue id="2022-50178" tracker="cve" />
<issue id="2022-50179" tracker="cve" />
<issue id="2022-50181" tracker="cve" />
<issue id="2022-50183" tracker="cve" />
<issue id="2022-50184" tracker="cve" />
<issue id="2022-50185" tracker="cve" />
<issue id="2022-50186" tracker="cve" />
<issue id="2022-50187" tracker="cve" />
<issue id="2022-50188" tracker="cve" />
<issue id="2022-50190" tracker="cve" />
<issue id="2022-50191" tracker="cve" />
<issue id="2022-50192" tracker="cve" />
<issue id="2022-50194" tracker="cve" />
<issue id="2022-50196" tracker="cve" />
<issue id="2022-50197" tracker="cve" />
<issue id="2022-50198" tracker="cve" />
<issue id="2022-50199" tracker="cve" />
<issue id="2022-50200" tracker="cve" />
<issue id="2022-50201" tracker="cve" />
<issue id="2022-50202" tracker="cve" />
<issue id="2022-50203" tracker="cve" />
<issue id="2022-50204" tracker="cve" />
<issue id="2022-50206" tracker="cve" />
<issue id="2022-50207" tracker="cve" />
<issue id="2022-50208" tracker="cve" />
<issue id="2022-50209" tracker="cve" />
<issue id="2022-50211" tracker="cve" />
<issue id="2022-50212" tracker="cve" />
<issue id="2022-50213" tracker="cve" />
<issue id="2022-50215" tracker="cve" />
<issue id="2022-50218" tracker="cve" />
<issue id="2022-50220" tracker="cve" />
<issue id="2022-50221" tracker="cve" />
<issue id="2022-50222" tracker="cve" />
<issue id="2022-50226" tracker="cve" />
<issue id="2022-50228" tracker="cve" />
<issue id="2022-50229" tracker="cve" />
<issue id="2022-50231" tracker="cve" />
<issue id="2023-3111" tracker="cve" />
<issue id="2023-52924" tracker="cve" />
<issue id="2023-52925" tracker="cve" />
<issue id="2023-53046" tracker="cve" />
<issue id="2023-53048" tracker="cve" />
<issue id="2023-53076" tracker="cve" />
<issue id="2023-53097" tracker="cve" />
<issue id="2024-26808" tracker="cve" />
<issue id="2024-26924" tracker="cve" />
<issue id="2024-26935" tracker="cve" />
<issue id="2024-27397" tracker="cve" />
<issue id="2024-28956" tracker="cve" />
<issue id="2024-35840" tracker="cve" />
<issue id="2024-36978" tracker="cve" />
<issue id="2024-46800" tracker="cve" />
<issue id="2024-53125" tracker="cve" />
<issue id="2024-53141" tracker="cve" />
<issue id="2024-53197" tracker="cve" />
<issue id="2024-56770" tracker="cve" />
<issue id="2024-57999" tracker="cve" />
<issue id="2025-21700" tracker="cve" />
<issue id="2025-21702" tracker="cve" />
<issue id="2025-21703" tracker="cve" />
<issue id="2025-21756" tracker="cve" />
<issue id="2025-23141" tracker="cve" />
<issue id="2025-23145" tracker="cve" />
<issue id="2025-37752" tracker="cve" />
<issue id="2025-37785" tracker="cve" />
<issue id="2025-37798" tracker="cve" />
<issue id="2025-37823" tracker="cve" />
<issue id="2025-37890" tracker="cve" />
<issue id="2025-37932" tracker="cve" />
<issue id="2025-37948" tracker="cve" />
<issue id="2025-37953" tracker="cve" />
<issue id="2025-37963" tracker="cve" />
<issue id="2025-37997" tracker="cve" />
<issue id="2025-38000" tracker="cve" />
<issue id="2025-38001" tracker="cve" />
<issue id="2025-38014" tracker="cve" />
<issue id="2025-38060" tracker="cve" />
<issue id="2025-38083" tracker="cve" />
<issue id="PED-10028" tracker="jsc" />
<issue id="PED-12251" tracker="jsc" />
<category>security</category>
<rating>important</rating>
<packager>Jeffreycheung</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1207361 bsc#1225468).
- CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552).
- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).
- CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).
- CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464).
- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876).
- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).
The following non-security bugs were fixed:
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- Fix reference in "net_sched: sch_sfq: use a temporary work area for validating configuration" (bsc#1242504)
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild")
- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE.
- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build") Fixes: 747f601d4156 ("bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)")
- check-for-config-changes: Fix flag name typo
- doc/README.SUSE: Point to the updated version of LKMPG
- hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).
- kernel-obs-qa: Use srchash for dependency as well
- kernel-source: Also replace bin/env
- kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 ("kernel-source: Also replace bin/env"
- kernel-source: Remove log.sh from sources
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- ovl: fix use inode directly in rcu-walk mode (bsc#1241900).
- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used
- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64.
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.
- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev & systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659)
- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rpm: Stop using is_kotd_qa macro
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
