SUSE:SLE-15-SP3:GA
File _patchinfo of Package patchinfo.23126
<patchinfo incident="23126">
  <issue id="1194516" tracker="bnc">VUL-0: CVE-2022-0487: kernel: moxart-mmc: use-after-free in moxart_remove</issue>
  <issue id="1195254" tracker="bnc">VUL-0: CVE-2022-0435: kernel-source: tipc: Remote Stack Overflow in Linux Kernel</issue>
  <issue id="1195516" tracker="bnc">VUL-0: CVE-2022-0516: kernel-source: KVM: s390: missing check in ioctl allows kernel memory read/write</issue>
  <issue id="1195543" tracker="bnc">VUL-0: CVE-2022-0492: kernel-source: cgroups v1 release_agent missing capabilities check</issue>
  <issue id="1195612" tracker="bnc">VUL-0: CVE-2022-24448: kernel-source,kernel-source-rt,kernel-source-azure: nfs_atomic_open() returns uninitialized data instead of ENOTDIR</issue>
  <issue id="1195897" tracker="bnc">VUL-0: CVE-2022-24959: kernel-source-azure,kernel-source,kernel-source-rt: memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c</issue>
  <issue id="1195905" tracker="bnc">VUL-0: CVE-2022-24958: kernel-source,kernel-source-rt,kernel-source-azure: use-after-free in dev->buf release in drivers/usb/gadget/legacy/inode.c</issue>
  <issue id="1195908" tracker="bnc">VUL-0: CVE-2022-0492: kernel live patch: cgroups v1 release_agent missing capabilities check</issue>
  <issue id="1195947" tracker="bnc">VUL-0: CVE-2022-0516: kernel live patch: KVM: s390: missing check in ioctl allows kernel memory read/write</issue>
  <issue id="1195949" tracker="bnc">VUL-0: CVE-2022-0487: kernel live patch: moxart-mmc: use-after-free in moxart_remove</issue>
  <issue id="1195987" tracker="bnc">VUL-0: CVE-2021-44879: kernel-source-azure,kernel-source,kernel-source-rt: NULL pointer dereference in folio_mark_dirty() via a crafted f2fs image</issue>
  <issue id="1196079" tracker="bnc">VUL-0: CVE-2022-0617: kernel-source,kernel-source-rt,kernel-source-azure: udf: Null pointer dereference can be triggered when writing to an ICB inode</issue>
  <issue id="1196095" tracker="bnc">VUL-0: CVE-2022-25258: kernel-source-azure,kernel-source,kernel-source-rt: security issues in the OS descriptor handling section of composite_setup function (composite.c)</issue>
  <issue id="1196132" tracker="bnc">VUL-0: CVE-2022-25258: kernel live patch: security issues in the OS descriptor handling section of composite_setup function (composite.c)</issue>
  <issue id="1196155" tracker="bnc">VUL-0: CVE-2022-0644: kernel-source-azure,kernel-source,kernel-source-rt: Assertion failure can happen if users trigger kernel_read_file_from_fd()</issue>
  <issue id="1196235" tracker="bnc">VUL-0: CVE-2022-25375: kernel-source-rt,kernel-source,kernel-source-azure: information leak due to a lack of validation in the RNDIS_MSG_SET command</issue>
  <issue id="1196612" tracker="bnc">L3: [EAR - NOT FOR USA Citizens] PTF request to fix kernel for CVE-2022-0492 for sles12sp2 ref:_00D1igLOd._5001iqBMTa:ref</issue>
  <issue id="1196776" tracker="bnc">L3: [EAR - NOT FOR USA Citizens] Request PTF to fix CVE-2022-0492 for kernel on sles12sp5.</issue>
  <issue id="2022-0617" tracker="cve" />
  <issue id="2022-25375" tracker="cve" />
  <issue id="2022-0644" tracker="cve" />
  <issue id="2022-25258" tracker="cve" />
  <issue id="2021-44879" tracker="cve" />
  <issue id="2022-24959" tracker="cve" />
  <issue id="2022-24958" tracker="cve" />
  <issue id="2022-0487" tracker="cve" />
  <issue id="2022-0516" tracker="cve" />
  <issue id="2022-24448" tracker="cve" />
  <issue id="2022-0492" tracker="cve" />
  <issue id="1189126" tracker="bnc">L3: 15 sp2 lpfc only discovering targets on one port of one of two adapters</issue>
  <issue id="1191580" tracker="bnc">VUL-0: EMBARGOED: CVE-2022-0001, CVE-2022-0002: kernel: BHB speculation issues</issue>
  <issue id="1192483" tracker="bnc">L3-Question: Can't umount an nfs 4 formerly-exported file systems until another file system is unexported</issue>
  <issue id="1195286" tracker="bnc">L3: iSCSI target permanently down via all paths after temporary network outage — ref:_00D1igLOd._5001ioe4AN:ref</issue>
  <issue id="1195701" tracker="bnc">fstrim triggers kernel panic when booted with only one disk from RAID1 BTRFS array</issue>
  <issue id="1195995" tracker="bnc">ISST-LTE:DENALI:SLES15.4:donalp53:mkfs.xfs over nvmf hung and does not return</issue>
  <issue id="1196584" tracker="bnc">VUL-0: EMBARGOED kernel-source: overwrite data in arbitrary (read-only) files until 5.16.11</issue>
  <issue id="2022-0001" tracker="cve" />
  <issue id="2022-0002" tracker="cve" />
  <issue id="SLE-23652" tracker="jsc" />
  <issue id="1196584" tracker="bnc">VUL-0: EMBARGOED: CVE-2022-0847: kernel-source: overwrite data in arbitrary (read-only) files until 5.16.11</issue>
  <issue id="1196601" tracker="bnc">VUL-0: EMBARGOED: CVE-2022-0847: kernel live patch: overwrite data in arbitrary (read-only) files until 5.16.11</issue>
  <issue id="2022-0847" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bug fixes.

Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated.

The following security bugs were fixed:

- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
- CVE-2022-0847: Fixed a vulnerability where a local attacker could overwrite data in arbitrary (read-only) files (bsc#1196584).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
- CVE-2022-0644: Fixed a denial of service by a local user. An assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which led to a move_data_page NULL pointer dereference (bsc#1195987).
- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occurred, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).
- CVE-2022-0516: Fixed a missing check in an ioctl related to KVM on s390 that allowed kernel memory read/write (bsc#1195516).
- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have led to memory corruption (bsc#1196096).
- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).

The following non-security bugs were fixed:

- btrfs: check for missing device in btrfs_trim_fs (bsc#1195701).
- gve: Add RX context (jsc#SLE-23652).
- gve: Add a jumbo-frame device option (jsc#SLE-23652).
- gve: Add consumed counts to ethtool stats (jsc#SLE-23652).
- gve: Add optional metadata descriptor type GVE_TXD_MTD (jsc#SLE-23652).
- gve: Correct order of processing device options (jsc#SLE-23652).
- gve: Fix GFP flags when allocing pages (jsc#SLE-23652).
- gve: Implement packet continuation for RX (jsc#SLE-23652).
- gve: Implement suspend/resume/shutdown (jsc#SLE-23652).
- gve: Move the irq db indexes out of the ntfy block struct (jsc#SLE-23652).
- gve: Recording rx queue before sending to napi (jsc#SLE-23652).
- gve: Update gve_free_queue_page_list signature (jsc#SLE-23652).
- gve: Use kvcalloc() instead of kvzalloc() (jsc#SLE-23652).
- gve: fix for null pointer dereference (jsc#SLE-23652).
- gve: fix the wrong AdminQ buffer queue index check (jsc#SLE-23652).
- gve: fix unmatched u64_stats_update_end() (jsc#SLE-23652).
- gve: remove memory barrier around seqno (jsc#SLE-23652).
- lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584).
- net: tipc: validate domain record count on input (bsc#1195254).
- nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483).
- nfsd: allow lock state ids to be revoked and then freed (bsc#1192483).
- nfsd: allow open state ids to be revoked and then freed (bsc#1192483).
- nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483).
- nfsd: prepare for supporting admin-revocation of state (bsc#1192483).
- powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (bsc#1195995 ltc#196394).
- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).
</description>
  <summary>Security update for the Linux Kernel</summary>
</patchinfo>