Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
patchinfo.32505
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.32505
<patchinfo incident="32505"> <issue id="1108281" tracker="bnc">kernel-source-azure should only be built for x86_64</issue> <issue id="1193285" tracker="bnc">[Build 67.2] io_pgetevents_time64 returns an event when max_nr == -1 (32bit compatibility layer)</issue> <issue id="1215275" tracker="bnc">VUL-0: CVE-2023-4921: kernel: use-after-free in net/sched: sch_qfq component</issue> <issue id="1216702" tracker="bnc">VUL-0: CVE-2023-47233: kernel: Use after Free bug in brcmf_cfg80211_detach</issue> <issue id="1217987" tracker="bnc">VUL-0: CVE-2023-6356: kernel: NULL pointer dereference in nvmet_tcp_build_pdu_iovec</issue> <issue id="1217988" tracker="bnc">VUL-0: CVE-2023-6535: kernel: NULL pointer dereference in nvmet_tcp_execute_request</issue> <issue id="1217989" tracker="bnc">VUL-0: CVE-2023-6536: kernel: NULL pointer dereference in __nvmet_req_complete</issue> <issue id="1218713" tracker="bnc">Reduce old changelog entries and keep in kernel-docs</issue> <issue id="1218730" tracker="bnc">VUL-0: CVE-2023-51780: kernel: use-after-free in net/atm/ioctl.c</issue> <issue id="1218752" tracker="bnc">VUL-0: CVE-2023-6040: kernel: netfilter out-of-bounds access</issue> <issue id="1218757" tracker="bnc">VUL-0: CVE-2023-51782: kernel-source,kernel-source-azure,kernel-source-rt: use-after-free because of a rose_accept race condition</issue> <issue id="1218768" tracker="bnc">[SLE15SP6] sysctl-loggers fails to build with the latest 6.4 kernel of the week</issue> <issue id="1218804" tracker="bnc">VUL-0: CVE-2023-6915: kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c</issue> <issue id="1218832" tracker="bnc">VUL-0: CVE-2024-0565: kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability</issue> <issue id="1218836" tracker="bnc">VUL-0: CVE-2023-46838: kernel-source: netback processing of zero-length transmit fragment (XSA-448)</issue> <issue id="1219053" tracker="bnc">VUL-0: CVE-2024-0775: kernel: use-after-free while changing the mount option in __ext4_remount leading</issue> <issue id="1219120" tracker="bnc">VUL-0: CVE-2023-51043: kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c</issue> <issue id="1219412" tracker="bnc">VUL-0: CVE-2021-33631: kernel: integer overflow in ext4_write_inline_data_end()</issue> <issue id="1219434" tracker="bnc">VUL-0: CVE-2024-1086: kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function</issue> <issue id="2024-1086" tracker="cve" /> <issue id="2023-51780" tracker="cve" /> <issue id="2023-46838" tracker="cve" /> <issue id="2021-33631" tracker="cve" /> <issue id="2023-6535" tracker="cve" /> <issue id="2023-6536" tracker="cve" /> <issue id="2023-6356" tracker="cve" /> <issue id="2023-47233" tracker="cve" /> <issue id="2023-4921" tracker="cve" /> <issue id="2023-51043" tracker="cve" /> <issue id="2024-0775" tracker="cve" /> <issue id="2024-0565" tracker="cve" /> <issue id="2023-6915" tracker="cve" /> <issue id="2023-6040" tracker="cve" /> <issue id="2023-51782" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>jdelvare</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). - CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053). - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832). - CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752). - CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757). - CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730). - CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120). - CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275). - CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702). - CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836). - CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412). The following non-security bugs were fixed: - build: Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281). - docs: Store the old kernel changelog entries in kernel-docs package (bsc#1218713) - mkspec: Include constraints for both multibuild and plain package always - rpm/kernel-docs.spec.in: fix build with 6.8 Since upstream commit f061c9f7d058 - rpm/kernel-source.rpmlintrc: add action-ebpf Upstream commit a79d8ba734bd - rpm/mkspec: use kernel-source: prefix for constraints on multibuild Otherwise the constraints are not applied with multibuild enabled. - x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor