Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
patchinfo.25300
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.25300
<patchinfo incident="25300"> <issue id="1178134" tracker="bnc">[TRACKERBUG] git-fixes pile for SLE15-SP3</issue> <issue id="1198829" tracker="bnc">VUL-0: CVE-2022-1462: kernel-source,kernel-source-rt,kernel-source-azure: A race condition vulnerability in drivers/tty/tty_buffers.c</issue> <issue id="1199364" tracker="bnc">hv_netvsc: Add support for XDP_REDIRECT</issue> <issue id="1199647" tracker="bnc">VUL-0: CVE-2022-1116: kernel-source-azure,kernel-source-rt,kernel-source: Integer overflow in io_uring may lead to local privilege escalation</issue> <issue id="1199665" tracker="bnc">VUL-0: CVE-2022-29581: kernel-source,kernel-source-rt,kernel-source-azure: Improper Update of Reference Count vulnerability in net/sched</issue> <issue id="1199670" tracker="bnc">[DELL SLES 15 SP3 BUG] - NVMe TCP controller resets/reconnections observed under stress</issue> <issue id="1200521" tracker="bnc">[NetApp SLES15 SP3 Bug]: Path loss on Broadcom NVMe/FC MU host during ONTAP SFOs</issue> <issue id="1200598" tracker="bnc">VUL-0: CVE-2022-20166: kernel-source-rt,kernel-source,kernel-source-azure: possible out of bounds write due to sprintf unsafety</issue> <issue id="1200644" tracker="bnc">L3: NVMe autoconnect fails with "nvme_fc: nvme_fc_parse_traddr: bad traddr string" error</issue> <issue id="1200651" tracker="bnc">L3: 12SP5 4.12.14-122.116 breaks qla2xxx nvme over FC</issue> <issue id="1200762" tracker="bnc">VUL-0: CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742: xen: Linux disk/nic frontends data leaks (XSA-403)</issue> <issue id="1200910" tracker="bnc">VUL-0: CVE-2020-36558: kernel: use after free due to race condition between ioctl(VT_DISALLOCATE) and ioctl(VT_RESIZEX)</issue> <issue id="1201196" tracker="bnc">L3: With kernel 5.3.18-59.37-default or greater, kernel cashes in NFS v4 code, when accessing certain NFS share</issue> <issue id="1201206" tracker="bnc">Macbook pro12 battery is not detected with the latest kernel update on Leap 15.3</issue> <issue id="1201251" tracker="bnc">VUL-0: CVE-2022-2318: kernel-source,kernel-source-rt,kernel-source-azure: Use-after-free caused by timer handler in net/rose/rose_timer.c</issue> <issue id="1201381" tracker="bnc">L3: BUG: unable to handle kernel NULL pointer dereference at xenvif_rx_skb+0x23</issue> <issue id="1201429" tracker="bnc">VUL-0: CVE-2020-36557: kernel use after free due to race condition in ioctl(VT_DISALLOCATE)</issue> <issue id="1201458" tracker="bnc">VUL-0: CVE-2022-21505: kernel lockdown bypass via IMA appraisal</issue> <issue id="1201635" tracker="bnc">VUL-0: CVE-2021-33655: kernel-source,kernel-source-azure,kernel-source-rt: Out of bounds write with ioctl cmd FBIOPUT_VSCREENINFO</issue> <issue id="1201636" tracker="bnc">VUL-0: CVE-2021-33656: kernel-source-azure,kernel-source,kernel-source-rt: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds</issue> <issue id="1201644" tracker="bnc">Kernel crashes on Dell PowerEdge R340 and R440 after latest kernel upgrade</issue> <issue id="1201664" tracker="bnc">kernel 5.3.18-150300.59.81-default is continuously crashing on Supermicro X11DPU-Z+ (Intel Skylake SP)</issue> <issue id="1201672" tracker="bnc">bad RIP value - kernel NULL pointer dereference address 0000000000000000</issue> <issue id="1201673" tracker="bnc">buggy kernel 5.3.18-150300.59.81 on SLES15-SP3 keeps crashing</issue> <issue id="1201676" tracker="bnc">crashes on new 15-sp3 kernel (retbleed fallout?)</issue> <issue id="1201846" tracker="bnc">HSCLB60C HMC message and hard lockup log entries after 10 successful LPM operations (P10)</issue> <issue id="1201930" tracker="bnc">Regression running some VM guests with 5.3.18-150300.59.87.1</issue> <issue id="1201940" tracker="bnc">VUL-0: CVE-2022-36946: kernel-source-azure,kernel-source,kernel-source-rt: incorrect packet truncation in nfqnl_mangle() leads to remote DoS</issue> <issue id="1201954" tracker="bnc">[NetApp SLES15 SP4 Bug] QLogic NVMe/FC broken after SP4 kernel MU upgrade</issue> <issue id="1201956" tracker="bnc">Update Broadcom Emulex lpfc driver to 14.2.0.5</issue> <issue id="1201958" tracker="bnc">qla2xxx: update driver to 10.02.07.800-k</issue> <issue id="2022-36946" tracker="cve" /> <issue id="2022-32250" tracker="cve" /> <issue id="2022-29581" tracker="cve" /> <issue id="2022-20166" tracker="cve" /> <issue id="2020-36558" tracker="cve" /> <issue id="2020-36557" tracker="cve" /> <issue id="2022-21505" tracker="cve" /> <issue id="2021-33656" tracker="cve" /> <issue id="2021-33655" tracker="cve" /> <issue id="2022-1462" tracker="cve" /> <issue id="2022-1116" tracker="cve" /> <issue id="2022-2318" tracker="cve" /> <issue id="2022-33741" tracker="cve" /> <issue id="2022-33740" tracker="cve" /> <issue id="2022-33742" tracker="cve" /> <issue id="2022-26365" tracker="cve" /> <issue id="SLE-24559" tracker="jsc" /> <category>security</category> <rating>important</rating> <packager>olh</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service (bnc#1201940). - CVE-2022-29581: Fixed improper update of reference count in net/sched that could cause root privilege escalation (bnc#1199665). - CVE-2022-20166: Fixed several possible memory safety issues due to unsafe operations (bsc#1200598). - CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910). - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of TTYs that could lead to a use-after-free (bnc#1201429). - CVE-2021-33655: Fixed an out of bounds write by ioctl cmd FBIOPUT_VSCREENINFO (bnc#1201635). - CVE-2021-33656: Fixed an out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636). - CVE-2022-21505: Fixed a kernel lockdown bypass via IMA policy (bsc#1201458). - CVE-2022-1462: Fixed an out-of-bounds read flaw in the TTY subsystem (bnc#1198829). - CVE-2022-1116: Fixed an integer overflow vulnerability in io_uring which allowed a local attacker to escalate privileges to root (bnc#1199647).- CVE-2022-2318: Fixed a use-after-free vulnerability in the timer handler in Rose subsystem that allowed unprivileged attackers to crash the system (bsc#1201251). - CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762). The following non-security bugs were fixed: - Fixed a system crash related to the recent RETBLEED mitigation (bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676). - qla2xxx: drop patch which prevented nvme port discovery (bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958). - kvm: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930). - bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature (bsc#1199364). - bpf: enable BPF type format (BTF) (jsc#SLE-24559). - nfs: avoid NULL pointer dereference when there is unflushed data (bsc#1201196). - hv_netvsc: Add (more) validation for untrusted Hyper-V values (bsc#1199364). - hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364). - hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364). - hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer (bsc#1199364). - hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364). - kvm/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930). - lkdtm: Disable return thunks in rodata.c (bsc#1178134). - net, xdp: Introduce __xdp_build_skb_from_frame utility routine (bsc#1199364). - net, xdp: Introduce xdp_build_skb_from_frame utility routine (bsc#1199364). - nvme: consider also host_iface when checking ip options (bsc#1199670). - powerpc/mobility: wait for memory transfer to complete (bsc#1201846 ltc#198761). - powerpc/pseries/mobility: set NMI watchdog factor during an LPM (bsc#1201846 ltc#198761). - powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846 ltc#198761). - scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956). - scsi: lpfc: Fix attempted FA-PWWN usage after feature disable (bsc#1201956). - scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test (bsc#1201956 bsc#1200521). - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE (bsc#1201956). - scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb() (bsc#1201956). - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input (bsc#1201956). - scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into lpfc_sli_prep_abort_xri() (bsc#1201956). - scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956). - scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID (bsc#1201956). - scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration (bsc#1201956). - scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb (bsc#1201956). - scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956). - scsi: qla2xxx: Check correct variable in qla24xx_async_gffid() (bsc#1201958). - scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958). - scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958). - scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958). - scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1201958). - scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958). - scsi: qla2xxx: Update manufacturer details (bsc#1201958). - scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958). - scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958). - scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958). - watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761). - x86/bugs: Remove apostrophe typo (bsc#1178134). - x86/entry: Remove skip_r11rcx (bsc#1201644). - x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134). - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue (bsc#1201381). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor