File _patchinfo of Package patchinfo.43322
<patchinfo incident="43322">
<!--generated with prepare-kernel from request 404218-->
<issue tracker="bnc" id="1238917">VUL-0: CVE-2025-21738: kernel: ata: libata-sff: ensure that we cannot write outside the allocated buffer</issue>
<issue tracker="bnc" id="1255075">VUL-0: CVE-2025-40242: kernel: gfs2: Fix unlikely race in gdlm_put_lock</issue>
<issue tracker="bnc" id="1256645">VUL-0: CVE-2025-71066: kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change</issue>
<issue tracker="bnc" id="1257231">VUL-0: CVE-2026-23004: kernel: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()</issue>
<issue tracker="bnc" id="1257473">[SUSE][hv_netvsc][Backport] net: hv_netvsc: reject RSS hash key programming without RX indirection table</issue>
<issue tracker="bnc" id="1257732">VUL-0: CVE-2026-23054: kernel: net: hv_netvsc: reject RSS hash key programming without RX indirection table</issue>
<issue tracker="bnc" id="1257735">VUL-0: CVE-2026-23060: kernel: crypto: authencesn - reject too-short AAD (assoclen&lt;8) to match ESP/ESN spec</issue>
<issue tracker="bnc" id="1257749">VUL-0: CVE-2026-23074: kernel: net/sched: Enforce that teql can only be used as root qdisc</issue>
<issue tracker="bnc" id="1257790">VUL-0: CVE-2026-23089: kernel: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()</issue>
<issue tracker="bnc" id="1258340">VUL-0: CVE-2026-23204: kernel: net/sched: cls_u32: use skb_header_pointer_careful()</issue>
<issue tracker="bnc" id="1258395">VUL-0: CVE-2026-23191: kernel: ALSA: aloop: Fix racy access at PCM trigger</issue>
<issue tracker="bnc" id="1258518">VUL-0: CVE-2026-23209: kernel: macvlan: fix error recovery in macvlan_common_newlink()</issue>
<issue tracker="bnc" id="1258849">VUL-0: apparmor: "CrackArmor": multi issues found by Qualys</issue>
<issue tracker="cve" id="2025-21738"/>
<issue tracker="cve" id="2025-40242"/>
<issue tracker="cve" id="2025-71066"/>
<issue tracker="cve" id="2026-23004"/>
<issue tracker="cve" id="2026-23054"/>
<issue tracker="cve" id="2026-23060"/>
<issue tracker="cve" id="2026-23074"/>
<issue tracker="cve" id="2026-23089"/>
<issue tracker="cve" id="2026-23191"/>
<issue tracker="cve" id="2026-23204"/>
<issue tracker="cve" id="2026-23209"/>
<issue tracker="jsc" id="PED-12836"/>
<issue tracker="bnc" id="1258850">VUL-0: CVE-2026-23268: kernel: apparmor: fix unprivileged local user can do privileged policy management</issue>
<issue tracker="bnc" id="1259857">VUL-0: CVE-2026-23269: kernel: apparmor: validate DFA start states are in bounds in unpack_pdb</issue>
<issue tracker="cve" id="2026-23268"/>
<issue tracker="cve" id="2026-23269"/>
<category>security</category>
<rating>important</rating>
<packager>Jeffreycheung</packager>
<summary>Security update for the Linux Kernel</summary>
<description>
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.
The following security issues were fixed:
- CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen&lt;8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850).
- CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857).
The following non-security issues were fixed:
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
</description>
<reboot_needed/>
</patchinfo>