Overview

File _patchinfo of Package patchinfo.42634

<patchinfo incident="42634">
  <issue tracker="bnc" id="1220137">VUL-0: CVE-2023-52433: kernel-source,kernel-source-azure,kernel-source-rt: in netfilter nft_set_rbtree skip sync GC for new elements in this transaction</issue>
  <issue tracker="bnc" id="1220144">VUL-0: CVE-2024-26581: kernel-source,kernel-source-azure,kernel-source-rt: nftables nft_set_rbtree skip end interval element from gc</issue>
  <issue tracker="bnc" id="1222323">VUL-0: CVE-2024-26661: kernel: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'</issue>
  <issue tracker="bnc" id="1223007">VUL-0: CVE-2024-26832: kernel: mm: zswap: fix missing folio cleanup in writeback race path</issue>
  <issue tracker="bnc" id="1225049">VUL-0: CVE-2023-52874: kernel: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro</issue>
  <issue tracker="bnc" id="1233038">VUL-0: CVE-2024-50143: kernel: udf: fix uninit-value use in udf_get_fileshortad</issue>
  <issue tracker="bnc" id="1235905">VUL-0: CVE-2024-54031: kernel: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext</issue>
  <issue tracker="bnc" id="1236104">VUL-0: CVE-2023-52923: kernel: netfilter: nf_tables: adapt set backend to use GC transaction API</issue>
  <issue tracker="bnc" id="1236208">VUL-0: CVE-2025-21658: kernel: btrfs: avoid NULL pointer dereference if no valid extent tree</issue>
  <issue tracker="bnc" id="1237885">VUL-0: CVE-2025-21764: kernel: ndisc: use RCU protection in ndisc_alloc_skb()</issue>
  <issue tracker="bnc" id="1237906">VUL-0: CVE-2025-21765: kernel: ipv6: use RCU protection in ip6_default_advmss()</issue>
  <issue tracker="bnc" id="1238414">VUL-0: CVE-2022-49604: kernel: ip: Fix data-races around sysctl_ip_fwd_use_pmtu.</issue>
  <issue tracker="bnc" id="1238754">VUL-0: CVE-2025-21766: kernel: ipv4: use RCU protection in __ip_rt_update_pmtu()</issue>
  <issue tracker="bnc" id="1238763">VUL-0: CVE-2025-21760: kernel: ndisc: extend RCU protection in ndisc_send_skb()</issue>
  <issue tracker="bnc" id="1244758">VUL-0: CVE-2022-50232: kernel: arm64: set UXN on swapper page tables</issue>
  <issue tracker="bnc" id="1244904">VUL-0: CVE-2022-49943: kernel: USB: gadget: fix obscure lockdep violation for udc_mutex</issue>
  <issue tracker="bnc" id="1245110">VUL-0: CVE-2022-49980: kernel: USB: gadget: fix use-after-free Read in usb_udc_uevent()</issue>
  <issue tracker="bnc" id="1245210">VUL-0: CVE-2025-38068: kernel: crypto: lzo - Fix compression buffer overrun</issue>
  <issue tracker="bnc" id="1245723">VUL-0: CVE-2025-38129: kernel: page_pool: fix use-after-free in page_pool_recycle_in_ring</issue>
  <issue tracker="bnc" id="1245751">VUL-0: CVE-2025-38159: kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds</issue>
  <issue tracker="bnc" id="1247177">VUL-0: CVE-2025-38375: kernel: virtio-net: ensure the received length does not exceed allocated size</issue>
  <issue tracker="bnc" id="1247483">VUL-0: Intel CPU: VMScape issue</issue>
  <issue tracker="bnc" id="1248306">VUL-0: CVE-2025-38563: kernel: perf/core: Prevent VMA split of buffer mappings</issue>
  <issue tracker="bnc" id="1248377">VUL-0: CVE-2025-38565: kernel: perf/core: Exit early on perf_mmap() fail</issue>
  <issue tracker="bnc" id="1249156">VUL-0: CVE-2025-38684: kernel: net/sched: ets: use old 'nbands' while purging unused classes</issue>
  <issue tracker="bnc" id="1249158">fstests btrfs/336 crashed in LTSS kernel-live-patching test</issue>
  <issue tracker="bnc" id="1249827">VUL-0: CVE-2023-53178: kernel: mm: fix zswap writeback race condition</issue>
  <issue tracker="bnc" id="1252785">VUL-0: CVE-2025-40044: kernel: fs: udf: fix OOB read in lengthAllocDescs handling</issue>
  <issue tracker="bnc" id="1253028">VUL-0: CVE-2023-53407: kernel: USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup()</issue>
  <issue tracker="bnc" id="1253087">L3: Increased Swap Activity After Upgrade from SLES15 SP5 to SP7</issue>
  <issue tracker="bnc" id="1253409">VUL-0: CVE-2025-40139: kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().</issue>
  <issue tracker="bnc" id="1253702">A missing cpu feature during Harvester upgrade</issue>
  <issue tracker="bnc" id="1254447">system hungs up without no clear error/warning messages - thread::r03Hb1oCINKWUr2R5vhM7ys::</issue>
  <issue tracker="bnc" id="1254462">VUL-0: CVE-2023-53412: kernel: USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup()</issue>
  <issue tracker="bnc" id="1254463">VUL-0: CVE-2023-53417: kernel: USB: sl811: fix memory leak with using debugfs_lookup()</issue>
  <issue tracker="bnc" id="1254464">VUL-0: CVE-2023-53418: kernel: USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup()</issue>
  <issue tracker="bnc" id="1254465">VUL-0: CVE-2023-53714: kernel: drm/stm: ltdc: fix late dereference check</issue>
  <issue tracker="bnc" id="1254767">L3: Backport of "net: tcp: send zero-window ACK when no memory"</issue>
  <issue tracker="bnc" id="1254842">VUL-0: CVE-2025-40257: kernel: mptcp: fix a race in mptcp_pm_del_add_timer()</issue>
  <issue tracker="bnc" id="1255171">VUL-0: CVE-2025-68312: kernel: usbnet: Prevents free active kevent</issue>
  <issue tracker="bnc" id="1255251">VUL-0: CVE-2025-68183: kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr</issue>
  <issue tracker="bnc" id="1255377">VUL-0: CVE-2025-68284: kernel: libceph: prevent potential out-of-bounds writes in handle_auth_session_key()</issue>
  <issue tracker="bnc" id="1255401">VUL-0: CVE-2025-68285: kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()</issue>
  <issue tracker="bnc" id="1255594">VUL-0: CVE-2022-50697: kernel: mrp: introduce active flags to prevent UAF when applicant uninit</issue>
  <issue tracker="bnc" id="1255908">VUL-0: CVE-2023-54243: kernel: netfilter: ebtables: fix table blob use-after-free</issue>
  <issue tracker="bnc" id="1256095">VUL-0: CVE-2023-54142: kernel: gtp: Fix use-after-free in __gtp_encap_destroy().</issue>
  <issue tracker="bnc" id="1256582">VUL-0: CVE-2025-68771: kernel: ocfs2: fix kernel BUG in ocfs2_find_victim_chain</issue>
  <issue tracker="bnc" id="1256612">VUL-0: CVE-2025-71089: kernel: iommu: disable SVA when CONFIG_X86 is set</issue>
  <issue tracker="bnc" id="1256623">VUL-0: CVE-2025-71085: kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()</issue>
  <issue tracker="bnc" id="1256641">VUL-0: CVE-2025-68813: kernel: ipvs: fix ipv4 null-ptr-deref in route error path</issue>
  <issue tracker="bnc" id="1256726">VUL-0: CVE-2025-71112: kernel: net: hns3: add VLAN id validation before using</issue>
  <issue tracker="bnc" id="1256744">VUL-0: CVE-2025-71116: kernel: libceph: make decode_pool() more resilient against corrupted osdmaps</issue>
  <issue tracker="bnc" id="1256779">VUL-0: CVE-2025-71120: kernel: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf</issue>
  <issue tracker="bnc" id="1256792">kbdrate over ssh crashes aarch64 kernel</issue>
  <issue tracker="bnc" id="1257232">VUL-0: CVE-2026-23001: kernel: macvlan: fix possible UAF in macvlan_forward_source()</issue>
  <issue tracker="bnc" id="1257236">VUL-0: CVE-2026-22999: kernel: net/sched: sch_qfq: do not free existing class in qfq_change_class()</issue>
  <issue tracker="bnc" id="1257296">[SUSE][storvsc][Backport] Backport storvsc patch for handling MODE_SENSE_10</issue>
  <issue tracker="bnc" id="1257473">[SUSE]{hv_netvsc][Backport] net: hv_netvsc: reject RSS hash key programming without RX indirection table</issue>
  <issue tracker="cve" id="2022-49604"/>
  <issue tracker="cve" id="2022-49943"/>
  <issue tracker="cve" id="2022-49980"/>
  <issue tracker="cve" id="2022-50232"/>
  <issue tracker="cve" id="2022-50697"/>
  <issue tracker="cve" id="2023-52433"/>
  <issue tracker="cve" id="2023-52874"/>
  <issue tracker="cve" id="2023-52923"/>
  <issue tracker="cve" id="2023-53178"/>
  <issue tracker="cve" id="2023-53407"/>
  <issue tracker="cve" id="2023-53412"/>
  <issue tracker="cve" id="2023-53417"/>
  <issue tracker="cve" id="2023-53418"/>
  <issue tracker="cve" id="2023-53714"/>
  <issue tracker="cve" id="2023-54142"/>
  <issue tracker="cve" id="2023-54243"/>
  <issue tracker="cve" id="2024-26581"/>
  <issue tracker="cve" id="2024-26661"/>
  <issue tracker="cve" id="2024-26832"/>
  <issue tracker="cve" id="2024-50143"/>
  <issue tracker="cve" id="2024-54031"/>
  <issue tracker="cve" id="2025-21658"/>
  <issue tracker="cve" id="2025-21760"/>
  <issue tracker="cve" id="2025-21764"/>
  <issue tracker="cve" id="2025-21765"/>
  <issue tracker="cve" id="2025-21766"/>
  <issue tracker="cve" id="2025-38068"/>
  <issue tracker="cve" id="2025-38129"/>
  <issue tracker="cve" id="2025-38159"/>
  <issue tracker="cve" id="2025-38375"/>
  <issue tracker="cve" id="2025-38563"/>
  <issue tracker="cve" id="2025-38565"/>
  <issue tracker="cve" id="2025-38684"/>
  <issue tracker="cve" id="2025-40044"/>
  <issue tracker="cve" id="2025-40139"/>
  <issue tracker="cve" id="2025-40257"/>
  <issue tracker="cve" id="2025-40300"/>
  <issue tracker="cve" id="2025-68183"/>
  <issue tracker="cve" id="2025-68284"/>
  <issue tracker="cve" id="2025-68285"/>
  <issue tracker="cve" id="2025-68312"/>
  <issue tracker="cve" id="2025-68771"/>
  <issue tracker="cve" id="2025-68813"/>
  <issue tracker="cve" id="2025-71085"/>
  <issue tracker="cve" id="2025-71089"/>
  <issue tracker="cve" id="2025-71112"/>
  <issue tracker="cve" id="2025-71116"/>
  <issue tracker="cve" id="2025-71120"/>
  <issue tracker="cve" id="2026-22999"/>
  <issue tracker="cve" id="2026-23001"/>
  <category>security</category>
  <rating>important</rating>
  <packager>Jeffreycheung</packager>
  <reboot_needed/>
  <summary>Security update for the Linux Kernel</summary>
  <description>
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
- CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095).
- CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
- CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210).
- CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483).
- CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).

The following non security issues were fixed:

- Revert "ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582)".
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: tcp: send zero-window ACK when no memory (bsc#1254767).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- tcp: correct handling of extreme memory squeeze (bsc#1254767).
- x86: make page fault handling disable interrupts properly (git-fixes).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places