File _patchinfo of Package patchinfo.35191

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.35191

<patchinfo incident="35191">
  <issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue>
  <issue id="1179610" tracker="bnc">VUL-0: CVE-2020-26558: kernel-source: Multiple Bluetooth Core Specification Vulnerabilities</issue>
  <issue id="1186463" tracker="bnc">VUL-0: CVE-2021-0129,CVE-2020-26558: kernel-source, bluez: vulnerabilities with bluetooth subsystem (INTEL-SA-00517)</issue>
  <issue id="1216834" tracker="bnc">L3: System crashing intermittent with OCFS2</issue>
  <issue id="1218820" tracker="bnc">L3-Question: vmware esxi8 uefi secure boot blacklist: Problem with revocation key (-74)</issue>
  <issue id="1220185" tracker="bnc">VUL-0: CVE-2024-26583: kernel: tls: fix race between async notify and socket close</issue>
  <issue id="1220186" tracker="bnc">VUL-0: CVE-2024-26584: kernel: net: tls: handle backlogging of crypto requests</issue>
  <issue id="1220187" tracker="bnc">VUL-0: CVE-2024-26585: kernel-source,kernel-source-azure,kernel-source-rt: tls: race condition between tx work scheduling and socket close</issue>
  <issue id="1221539" tracker="bnc">VUL-0: CVE-2021-47126: kernel: ipv6: slab-out-of-bounds read in fib6_nh_flush_exceptions()</issue>
  <issue id="1222728" tracker="bnc">VUL-0: CVE-2024-26800: kernel: tls: use-after-free on failed backlog decryption</issue>
  <issue id="1222824" tracker="bnc">VUL-0: CVE-2021-47219: kernel: scsi: scsi_debug: out-of-bound read in resp_report_tgtpgs()</issue>
  <issue id="1223863" tracker="bnc">L3: Process accessing NFS enters Uninterruptible sleep state</issue>
  <issue id="1224918" tracker="bnc">VUL-0: CVE-2021-47291: kernel: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions</issue>
  <issue id="1225404" tracker="bnc">VUL-0: CVE-2021-47506: kernel: nfsd: fix use-after-free due to delegation race</issue>
  <issue id="1225431" tracker="bnc">VUL-0: CVE-2021-47520: kernel: can: pch_can: pch_can_rx_normal: fix use after free</issue>
  <issue id="1226519" tracker="bnc">VUL-0: CVE-2024-36974: kernel: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP</issue>
  <issue id="1226550" tracker="bnc">VUL-0: CVE-2021-47580: kernel: scsi: scsi_debug: Fix type in min_t to avoid stack OOB</issue>
  <issue id="1226574" tracker="bnc">VUL-0: CVE-2021-47598: kernel: sch_cake: do not call cake_destroy() from cake_init()</issue>
  <issue id="1226575" tracker="bnc">VUL-0: CVE-2021-47600: kernel: dm btree remove: fix use after free in rebalance_children()</issue>
  <issue id="1226662" tracker="bnc">L3: NFS 4.1 client on SLES 15 SP3 uses inefficient READDIR practices</issue>
  <issue id="1226666" tracker="bnc">ASR signed driver does not load on SUSE</issue>
  <issue id="1226785" tracker="bnc">VUL-0: CVE-2024-38559: kernel: scsi: qedf: ensure the copied buf is NUL terminated</issue>
  <issue id="1227213" tracker="bnc">WARNING: CPU: 6 PID: 2464 at ../drivers/gpu/drm/drm_gem.c:1032 drm_gem_object_put+0x5f/0x70 [drm]</issue>
  <issue id="1227362" tracker="bnc">SUSE NFS 4.1 client logs "lock reclaim failed" after NFS4ERR_BAD_STATEID from Azure NFS server</issue>
  <issue id="1227487" tracker="bnc">powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()</issue>
  <issue id="1227716" tracker="bnc">VUL-0: CVE-2024-39494: kernel: ima: fix use-after-free on a dentry's dname.name</issue>
  <issue id="1227750" tracker="bnc">VUL-0: CVE-2023-52885: kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()</issue>
  <issue id="1227810" tracker="bnc">VUL-0: CVE-2024-40956: kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list</issue>
  <issue id="1227836" tracker="bnc">VUL-0: CVE-2024-40937: kernel: gve: clear napi-&gt;skb before dev_kfree_skb_any()</issue>
  <issue id="1227976" tracker="bnc">VUL-0: CVE-2022-48821: kernel: misc: fastrpc: avoid double fput() on failed usercopy</issue>
  <issue id="1228013" tracker="bnc">VUL-0: CVE-2022-48792: kernel: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task</issue>
  <issue id="1228040" tracker="bnc">VUL-0: CVE-2022-48822: kernel: usb: f_fs: fix use-after-free for epfile</issue>
  <issue id="1228114" tracker="bnc">VUL-0: CVE-2024-41011: kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages</issue>
  <issue id="1228328" tracker="bnc">VUL-0: CVE-2024-41090: kernel: virtio-net: tap: mlx5_core short frame denial of service</issue>
  <issue id="1228561" tracker="bnc">VUL-0: CVE-2024-41059: kernel: hfsplus: fix uninit-value in copy_name</issue>
  <issue id="1228644" tracker="bnc">VUL-0: CVE-2024-41069: kernel: ASoC: topology: fix references to freed memory</issue>
  <issue id="1228743" tracker="bnc">VUL-0: CVE-2024-42145: kernel: IB/core: implement a limit on UMAD receive List</issue>
  <issue id="2020-26558" tracker="cve" />
  <issue id="2021-0129" tracker="cve" />
  <issue id="2021-47126" tracker="cve" />
  <issue id="2021-47219" tracker="cve" />
  <issue id="2021-47291" tracker="cve" />
  <issue id="2021-47506" tracker="cve" />
  <issue id="2021-47520" tracker="cve" />
  <issue id="2021-47580" tracker="cve" />
  <issue id="2021-47598" tracker="cve" />
  <issue id="2021-47600" tracker="cve" />
  <issue id="2022-48792" tracker="cve" />
  <issue id="2022-48821" tracker="cve" />
  <issue id="2022-48822" tracker="cve" />
  <issue id="2023-52686" tracker="cve" />
  <issue id="2023-52885" tracker="cve" />
  <issue id="2024-26583" tracker="cve" />
  <issue id="2024-26584" tracker="cve" />
  <issue id="2024-26585" tracker="cve" />
  <issue id="2024-26800" tracker="cve" />
  <issue id="2024-36974" tracker="cve" />
  <issue id="2024-38559" tracker="cve" />
  <issue id="2024-39494" tracker="cve" />
  <issue id="2024-40937" tracker="cve" />
  <issue id="2024-40956" tracker="cve" />
  <issue id="2024-41011" tracker="cve" />
  <issue id="2024-41059" tracker="cve" />
  <issue id="2024-41069" tracker="cve" />
  <issue id="2024-41090" tracker="cve" />
  <issue id="2024-42145" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>vkarasulli</packager>
  <reboot_needed/>
  <description>

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610).
- CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463).
- CVE-2021-47126: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (bsc#1221539).
- CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1224918).
- CVE-2021-47506: nfsd: fix use-after-free due to delegation race (bsc#1225404).
- CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
- CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
- CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575).
- CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013).
- CVE-2022-48821: misc: fastrpc: avoid double fput() on failed usercopy (bsc#1227976).
- CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729).
- CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227750).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).

The following non-security bugs were fixed:

- Fix spurious WARNING caused by a qxl driver patch (bsc#1227213) 
- nfs: Clean up directory array handling (bsc#1226662).
- nfs: Clean up nfs_readdir_page_filler() (bsc#1226662).
- nfs: Clean up readdir struct nfs_cache_array (bsc#1226662).
- nfs: Do not discard readdir results (bsc#1226662).
- nfs: Do not overfill uncached readdir pages (bsc#1226662).
- nfs: Do not re-read the entire page cache to find the next cookie (bsc#1226662).
- nfs: Ensure contents of struct nfs_open_dir_context are consistent (bsc#1226662).
- nfs: Fix up directory verifier races (bsc#1226662).
- nfs: Further optimisations for 'ls -l' (bsc#1226662).
- nfs: More readdir cleanups (bsc#1226662).
- nfs: Reduce number of RPC calls when doing uncached readdir (bsc#1226662).
- nfs: Reduce use of uncached readdir (bsc#1226662).
- nfs: Support larger readdir buffers (bsc#1226662).
- nfs: Use the 64-bit server readdir cookies when possible (bsc#1226662).
- nfs: optimise readdir cache page invalidation (bsc#1226662).
- nfsv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
- ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/rtas: clean up includes (bsc#1227487).
- x.509: Fix the parser of extended key usage for length (bsc#1218820, bsc#1226666).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.35191

Places