Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
patchinfo.34559
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.34559
<patchinfo incident="34559"> <issue id="1171988" tracker="bnc">VUL-0: CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjac</issue> <issue id="1191958" tracker="bnc">VUL-0: CVE-2021-43389: kernel-source,kernel-source-azure,kernel-source-rt: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c</issue> <issue id="1195065" tracker="bnc">VUL-0: CVE-2022-22942: kernel-source: Vulnerability in the vmwgfx driver</issue> <issue id="1195254" tracker="bnc">VUL-0: CVE-2022-0435: kernel-source: tipc: Remote Stack Overflow in Linux Kernel</issue> <issue id="1202623" tracker="bnc">VUL-0: CVE-2022-2938: kernel: use-after-free when psi trigger is destroyed while being polled.</issue> <issue id="1218148" tracker="bnc">VUL-0: CVE-2023-24023: BLUFFS: kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses</issue> <issue id="1219224" tracker="bnc">OCFS2 writes delay on large volumes - slow la window lookup from global_bitmap</issue> <issue id="1222015" tracker="bnc">L3: TSC clocksource spuriously declared invalid in 12+ socket Sapphire Rapids systems</issue> <issue id="1223138" tracker="bnc">VUL-0: CVE-2024-26921: kernel: inet: inet_defrag: prevent sk release while still in use</issue> <issue id="1223384" tracker="bnc">VUL-0: CVE-2024-26923: kernel: af_unix: fix garbage collector racing against connect()</issue> <issue id="1224671" tracker="bnc">VUL-0: CVE-2024-35878: kernel: of: module: prevent NULL pointer dereference in vsnprintf()</issue> <issue id="1224703" tracker="bnc">VUL-0: CVE-2024-35950: kernel: drm/client: Fully protect modes[] with dev->mode_config.mutex</issue> <issue id="1224749" tracker="bnc">VUL-0: CVE-2024-35789: kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes</issue> <issue id="1224764" tracker="bnc">VUL-0: CVE-2024-35862: kernel: smb: client: fix potential UAF in smb2_is_network_name_deleted()</issue> <issue id="1224765" tracker="bnc">VUL-0: CVE-2024-35864: kernel: smb: client: fix potential UAF in smb2_is_valid_lease_break()</issue> <issue id="1224766" tracker="bnc">VUL-0: CVE-2024-35861: kernel: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()</issue> <issue id="1224865" tracker="bnc">VUL-0: CVE-2021-47247: kernel: net/mlx5e: Fix use-after-free of encap entry in neigh update handler</issue> <issue id="1225010" tracker="bnc">VUL-0: CVE-2021-47311: kernel: net: qcom/emac: fix UAF in emac_remove</issue> <issue id="1225047" tracker="bnc">VUL-0: CVE-2021-47328: kernel: scsi: iscsi: Fix conn use after free during resets</issue> <issue id="1225109" tracker="bnc">VUL-0: CVE-2023-52707: kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue()</issue> <issue id="1225161" tracker="bnc">VUL-0: CVE-2021-47368: kernel: enetc: fix illegal access when reading affinity_hint</issue> <issue id="1225184" tracker="bnc">VUL-0: CVE-2021-47372: kernel: net: macb: fix use after free on rmmod</issue> <issue id="1225203" tracker="bnc">VUL-0: CVE-2021-47379: kernel: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd</issue> <issue id="1225487" tracker="bnc">VUL-0: CVE-2023-52752: kernel: smb: client: fix use-after-free bug in cifs_debug_data_proc_show()</issue> <issue id="1225518" tracker="bnc">VUL-0: CVE-2021-47571: kernel: staging: rtl8192e: fix use after free in _rtl92e_pci_disconnect()</issue> <issue id="1225611" tracker="bnc">VUL-0: CVE-2023-52881: kernel: tcp: do not accept ACK of bytes we never sent</issue> <issue id="1225732" tracker="bnc">VUL-0: CVE-2024-36904: kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().</issue> <issue id="1225749" tracker="bnc">VUL-0: CVE-2024-36894: kernel: usb: gadget: f_fs: fix race between aio_cancel() and AIO request complete</issue> <issue id="1225840" tracker="bnc">VUL-0: CVE-2024-36940: kernel: pinctrl: core: delete incorrect free in pinctrl_enable()</issue> <issue id="1225866" tracker="bnc">VUL-0: CVE-2024-36964: kernel: fs/9p: only translate RWX permissions for plain 9P2000</issue> <issue id="1226563" tracker="bnc">VUL-0: CVE-2021-47583: kernel: media: mxl111sf: change mutex_init() location</issue> <issue id="1226587" tracker="bnc">VUL-0: CVE-2024-38541: kernel: of: module: add buffer overflow check in of_modalias()</issue> <issue id="1226595" tracker="bnc">VUL-0: CVE-2024-38545: kernel: RDMA/hns: Fix UAF for cq async event</issue> <issue id="1226670" tracker="bnc">VUL-0: CVE-2021-4439: kernel: isdn: cpai: check ctr->cnr to avoid array index out of bound</issue> <issue id="1226672" tracker="bnc">VUL-0: CVE-2022-48711: kernel: tipc: improve size validations for received domain records</issue> <issue id="1226712" tracker="bnc">VUL-0: CVE-2022-48760: kernel: USB: core: Fix hang in usb_kill_urb by adding memory barriers</issue> <issue id="1226732" tracker="bnc">VUL-0: CVE-2022-48771: kernel: drm/vmwgfx: Fix stale file descriptors on failed usercopy</issue> <issue id="1226758" tracker="bnc">VUL-0: CVE-2024-38610: kernel: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()</issue> <issue id="1226786" tracker="bnc">VUL-0: CVE-2024-38560: kernel: scsi: bfa: ensure the copied buf is NUL terminated</issue> <issue id="1226962" tracker="bnc">TSC clocksource spuriously declared invalid in 12+ socket Sapphire Rapids systems</issue> <issue id="2020-10135" tracker="cve" /> <issue id="2021-3896" tracker="cve" /> <issue id="2021-43389" tracker="cve" /> <issue id="2021-4439" tracker="cve" /> <issue id="2021-47247" tracker="cve" /> <issue id="2021-47311" tracker="cve" /> <issue id="2021-47328" tracker="cve" /> <issue id="2021-47368" tracker="cve" /> <issue id="2021-47372" tracker="cve" /> <issue id="2021-47379" tracker="cve" /> <issue id="2021-47571" tracker="cve" /> <issue id="2021-47583" tracker="cve" /> <issue id="2022-0435" tracker="cve" /> <issue id="2022-22942" tracker="cve" /> <issue id="2022-2938" tracker="cve" /> <issue id="2022-48711" tracker="cve" /> <issue id="2022-48760" tracker="cve" /> <issue id="2022-48771" tracker="cve" /> <issue id="2023-24023" tracker="cve" /> <issue id="2023-52707" tracker="cve" /> <issue id="2023-52752" tracker="cve" /> <issue id="2023-52881" tracker="cve" /> <issue id="2024-26921" tracker="cve" /> <issue id="2024-26923" tracker="cve" /> <issue id="2024-35789" tracker="cve" /> <issue id="2024-35861" tracker="cve" /> <issue id="2024-35862" tracker="cve" /> <issue id="2024-35864" tracker="cve" /> <issue id="2024-35878" tracker="cve" /> <issue id="2024-35950" tracker="cve" /> <issue id="2024-36894" tracker="cve" /> <issue id="2024-36904" tracker="cve" /> <issue id="2024-36940" tracker="cve" /> <issue id="2024-36964" tracker="cve" /> <issue id="2024-38541" tracker="cve" /> <issue id="2024-38545" tracker="cve" /> <issue id="2024-38559" tracker="cve" /> <issue id="2024-38560" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>jdelvare</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865). - CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010). - CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161). - CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). - CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). - CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623). - CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712). - CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138). - CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595) - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758). - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). The following non-security bugs were fixed: - ocfs2: adjust enabling place for la window (bsc#1219224). - ocfs2: fix sparse warnings (bsc#1219224). - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). - ocfs2: speed up chain-list searching (bsc#1219224). - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). - x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor