Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
patchinfo.28859
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.28859
<patchinfo incident="28859"> <issue id="1202353" tracker="bnc">kernel: replace mkinitrd wrapper with native dracut</issue> <issue id="1205128" tracker="bnc">VUL-0: CVE-2022-43945: kernel-source-azure,kernel-source,kernel-source-rt: nfsd: buffer overflow due to incorrect calculation of send buffer size</issue> <issue id="1209613" tracker="bnc">VUL-0: CVE-2020-36691: kernel-source,kernel-source-azure,kernel-source-rt: Using netlink to force a CPU into an eternal loop</issue> <issue id="1209687" tracker="bnc">VUL-0: CVE-2023-1611: kernel: race between quota disable and quota assign ioctls in fs/btrfs/ioctl.c</issue> <issue id="1209777" tracker="bnc">VUL-0: CVE-2020-36691: kernel: lib/nlattr.c allows attackers to cause a denial of service</issue> <issue id="1209871" tracker="bnc">VUL-0: CVE-2023-1670: kernel-source-rt,kernel-source-azure,kernel-source: Use after free bug in xirc2ps_detach</issue> <issue id="1209887" tracker="bnc">Regression: crash in __sk_destruct</issue> <issue id="1210202" tracker="bnc">VUL-0: CVE-2023-1855: kernel: use-after-free bug in remove function xgene_hwmon_remove</issue> <issue id="1210301" tracker="bnc">VUL-0: kernel: cifs.ko out of bounds memory access in smb311_decode_neg_context()</issue> <issue id="1210329" tracker="bnc">VUL-0: CVE-2023-30772: kernel: use after free bug in da9150_charger_remove due to race condition</issue> <issue id="1210336" tracker="bnc">VUL-0: CVE-2023-1989: kernel: Use after free bug in btsdio_remove due to race condition</issue> <issue id="1210337" tracker="bnc">VUL-0: CVE-2023-1990: kernel: Use after free bug in ndlc_remove due to race condition</issue> <issue id="1210469" tracker="bnc">Obsolete KMP obsoletes</issue> <issue id="1210498" tracker="bnc">VUL-0: CVE-2023-2124: kernel-source: OOB access in the XFS subsystem</issue> <issue id="1210506" tracker="bnc">VUL-0: CVE-2023-1998: kernel: x86/speculation: Allow enabling STIBP with legacy IBRS</issue> <issue id="1210647" tracker="bnc">VUL-0: CVE-2023-2162: kernel-source-rt,kernel-source,kernel-source-azure: UAF during login when accessing the shost ipaddress</issue> <issue id="2023-2124" tracker="cve" /> <issue id="2023-1670" tracker="cve" /> <issue id="2023-2162" tracker="cve" /> <issue id="2023-1998" tracker="cve" /> <issue id="2023-30772" tracker="cve" /> <issue id="2023-1855" tracker="cve" /> <issue id="2023-1989" tracker="cve" /> <issue id="2023-1990" tracker="cve" /> <issue id="2022-43945" tracker="cve" /> <issue id="2023-1611" tracker="cve" /> <issue id="2020-36691" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>alix82</packager> <reboot_needed/> <description>The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498). - CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871). - CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647). - CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506). - CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329). - CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202). - CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336). - CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337). - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128). - CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687). - CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777). The following non-security bugs were fixed: - cifs: fix negotiate context parsing (bsc#1210301). - cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
