Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
patchinfo.29710
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.29710
<patchinfo incident="29710"> <issue id="1160435" tracker="bnc">5.5 kernel-docs package build failure</issue> <issue id="1198400" tracker="bnc">VUL-0: kernel: save/restore speculative MSRs during S3 suspend/resume</issue> <issue id="1208604" tracker="bnc">VUL-0: CVE-2023-1079: kernel: Use After Free in asus_remove()</issue> <issue id="1209039" tracker="bnc">VUL-0: CVE-2023-1249: kernel: missing mmap_lock in fill_files_note that could possibly lead to a use after free in the coredump code</issue> <issue id="1209779" tracker="bnc">VUL-0: CVE-2023-1637: kernel: save/restore speculative MSRs during S3 suspend/resume</issue> <issue id="1210533" tracker="bnc">VUL-0: CVE-2023-2002: kernel-source-azure,kernel-source-rt,kernel-source: unauthorized management command execution</issue> <issue id="1211449" tracker="bnc">VUL-1: kernel: Use after free bug in r592_remov due to race condition</issue> <issue id="1212051" tracker="bnc">VUL-0: CVE-2023-3111: kernel: Use after free in prepare_to_relocate in fs/btrfs/relocation.c</issue> <issue id="1212128" tracker="bnc">VUL-0: CVE-2023-3159: kernel-source,kernel-source-azure,kernel-source-rt: kernel: use after free issue in driver/firewire in outbound_phy_packet_callback</issue> <issue id="1212129" tracker="bnc">VUL-0: CVE-2023-3141: kernel-source,kernel-source-azure,kernel-source-rt: kernel: Use after free bug in r592_remove</issue> <issue id="1212154" tracker="bnc">VUL-0: CVE-2023-3161: kernel: fbcon: shift-out-of-bounds in fbcon_set_font()</issue> <issue id="1212158" tracker="bnc">kernel-docs missing top level chapter numbers</issue> <issue id="1212501" tracker="bnc">VUL-0: CVE-2023-35824: kernel-source-azure,kernel-source-rt,kernel-source: Use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c</issue> <issue id="1212502" tracker="bnc">VUL-0: CVE-2023-3268: kernel: out-of-bounds access in relay_file_read</issue> <issue id="1212606" tracker="bnc">VUL-0: CVE-2023-3358: kernel-source-azure,kernel-source-rt,kernel-source: NULL Pointer Dereference in drivers/hid/intel-ish-hid/ishtp/dma-if.c</issue> <issue id="1212842" tracker="bnc">VUL-0: CVE-2023-3090: kernel: heap out-of-bounds vulnerability in the ipvlan network driver could lead to local privilege escalation</issue> <issue id="2023-1079" tracker="cve" /> <issue id="2023-1249" tracker="cve" /> <issue id="2023-1637" tracker="cve" /> <issue id="2023-2002" tracker="cve" /> <issue id="2023-3090" tracker="cve" /> <issue id="2023-3111" tracker="cve" /> <issue id="2023-3141" tracker="cve" /> <issue id="2023-3159" tracker="cve" /> <issue id="2023-3161" tracker="cve" /> <issue id="2023-3268" tracker="cve" /> <issue id="2023-3358" tracker="cve" /> <issue id="2023-35824" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>alix82</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device (bsc#1208604). - CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039). - CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779). - CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533). - CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842). - CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051). - CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129). - CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128). - CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154). - CVE-2023-3268: Fixed an out of bounds flaw in relay_file_read_start_pos in kernel/relay.c that allowed a local attacker to crash the system or leak kernel internal information (bsc#1212502). - CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606). - CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501). The following non-security bugs were fixed: - Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158). - Move setting %%build_html to config.sh - Move setting %%split_optional to config.sh - Move setting %%supported_modules_check to config.sh - rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm - rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435) </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor