File _patchinfo of Package patchinfo.31728

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.31728

<patchinfo incident="31728">
  <issue id="1084909" tracker="bnc">trackerbug: packages do not build reproducibly from hostname</issue>
  <issue id="1210780" tracker="bnc">VUL-0: CVE-2023-31083: kernel: drivers/bluetooth/hci_ldisc.c race condition in hci_uart_tty_ioctl</issue>
  <issue id="1214037" tracker="bnc">[MANA] net: mana: Configure hwc timeout from hardware</issue>
  <issue id="1214344" tracker="bnc">liburing/defer.t hangs</issue>
  <issue id="1214764" tracker="bnc">net: mana: Fix MANA VF unload when hardware is unresponsive</issue>
  <issue id="1215371" tracker="bnc">L3-Question: BTRFS: Transaction aborted -&gt; btrfs_run_delayed_items</issue>
  <issue id="1216058" tracker="bnc">VUL-0: CVE-2023-45863: kernel: renaming a network device can cause a buffer overflow on the kernel heap, upstream 3bb2a01caa81</issue>
  <issue id="1216259" tracker="bnc">VUL-0: CVE-2023-45871: kernel: buffer size may not be adequate for frames larger than the MTU</issue>
  <issue id="1216584" tracker="bnc">VUL-0: CVE-2023-5717: kernel: heap out-of-bounds write vulnerability related to perf_read_group() can be exploited to achieve local privilege escalation</issue>
  <issue id="1216965" tracker="bnc">VUL-0: CVE-2023-39198: kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()</issue>
  <issue id="1216976" tracker="bnc">VUL-0: CVE-2023-39197: kernel: DCCP: conntrack out-of-bounds read in nf_conntrack_dccp_packet()</issue>
  <issue id="1217140" tracker="bnc">Partner-L3: aplay hangs after so many iterations of playing any wav file</issue>
  <issue id="1217332" tracker="bnc">VUL-0: CVE-2023-6176: kernel-source,kernel-source-azure,kernel-source-rt: local dos vulnerability in scatterwalk_copychunks</issue>
  <issue id="1217408" tracker="bnc">L3: VFS: file-max limit 2409228 reached - server becomes unresponsive - need core analyzed</issue>
  <issue id="1217780" tracker="bnc">5e1d824f9a28 powerpc: Don't clobber f0/vs0 during fp|altivec register save</issue>
  <issue id="2023-39197" tracker="cve" />
  <issue id="2023-6176" tracker="cve" />
  <issue id="2023-45863" tracker="cve" />
  <issue id="2023-45871" tracker="cve" />
  <issue id="2023-39198" tracker="cve" />
  <issue id="2023-31083" tracker="cve" />
  <issue id="2023-5717" tracker="cve" />
  <issue id="PED-3184" tracker="jsc" />
  <issue id="PED-5021" tracker="jsc" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332).
- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
- CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).

The following non-security bugs were fixed:

- ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140).
- Call flush_delayed_fput() from nfsd main-loop (bsc#1217408).
- net: mana: Configure hwc timeout from hardware (bsc#1214037).
- net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
- powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1217780).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.31728

Places