File _patchinfo of Package patchinfo.22644

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.22644

<patchinfo incident="22644">
  <issue id="1177599" tracker="bnc">NVMe Native Multipathing: apply round-robin I/O policy to ANA-capable devices</issue>
  <issue id="1183405" tracker="bnc">Delayed outgoing packets causing NFS timeouts</issue>
  <issue id="1185377" tracker="bnc">xfrm MTU discovery is broken</issue>
  <issue id="1188605" tracker="bnc">[pfifo_fast,core count, GEC] MPI Benchmarks stall with qdisc pfifo_fast if (# queues) &lt; (# CPU cores)</issue>
  <issue id="1193096" tracker="bnc">udev error reported in /var/log/messages when expanding the NVMe/TCP LUN size on PowerStore</issue>
  <issue id="1193506" tracker="bnc">MANA patch set to support XDP and Hibernation</issue>
  <issue id="1193861" tracker="bnc">VUL-1: CVE-2021-39648: kernel-source-azure,kernel-source-rt,kernel-source: In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclos</issue>
  <issue id="1193864" tracker="bnc">VUL-1: CVE-2021-39657: kernel-source-azure,kernel-source,kernel-source-rt: In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure</issue>
  <issue id="1193867" tracker="bnc">VUL-1: CVE-2021-45095: kernel-source-azure,kernel-source-rt,kernel-source: pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.</issue>
  <issue id="1194048" tracker="bnc">L3: IPv6 packets dropped with small MTU after fix from bsc#1185377 [ref:_00D1igLOd._5001io9KXd:ref]</issue>
  <issue id="1194227" tracker="bnc">VUL-0: CVE-2021-4159: kernel-source: another kernel ptr leak vulnerability via BPF in coerce_reg_to_size</issue>
  <issue id="1194880" tracker="bnc">VUL-0: CVE-2022-0330: kernel-source: Security sensitive bug in the i915 kernel driver</issue>
  <issue id="1195009" tracker="bnc">L3: Btrfs root file system in readonly status after error i add_inline_refs.isra code</issue>
  <issue id="1195065" tracker="bnc">VUL-0: CVE-2022-22942: kernel-source: Vulnerability in the vmwgfx driver</issue>
  <issue id="1195184" tracker="bnc">VUL-0: CVE-2021-22600: kernel-source,kernel-source-rt,kernel-source-azure: A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service</issue>
  <issue id="1195254" tracker="bnc">VUL-0: EMBARGOED: CVE-2022-0435: kernel-source: tipc: Remote Stack Overflow in Linux Kernel</issue>
  <issue id="2021-45095" tracker="cve" />
  <issue id="2022-22942" tracker="cve" />
  <issue id="2021-22600" tracker="cve" />
  <issue id="2021-39657" tracker="cve" />
  <issue id="2021-39648" tracker="cve" />
  <issue id="2022-0330" tracker="cve" />
  <issue id="2022-0435" tracker="cve" />
  <category>security</category>
  <rating>critical</rating>
  <packager>mkubecek</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254).
- CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867).
- CVE-2022-22942: Fixed stale file descriptors on failed usercopy (bsc#1195065).
- CVE-2021-22600: Fixed double free bug in packet_set_ring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bnc#1195184).
- CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864).
- CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861).
- CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880).

The following non-security bugs were fixed:

- bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() (bsc#1194227).
- btrfs: tree-checker: Add EXTENT_ITEM and METADATA_ITEM check (bsc#1195009).
- btrfs: tree-checker: annotate all error branches as unlikely (bsc#1195009).
- btrfs: tree-checker: check for BTRFS_BLOCK_FLAG_FULL_BACKREF being set improperly (bsc#1195009).
- hv_netvsc: Set needed_headroom according to VF (bsc#1193506).
- net, xdp: Introduce xdp_init_buff utility routine (bsc#1193506).
- net, xdp: Introduce xdp_prepare_buff utility routine (bsc#1193506).
- net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428).
- net: mana: Add RX fencing (bsc#1193506).
- net: mana: Add XDP support (bsc#1193506).
- net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc (bsc#1183405).
- net: sched: add barrier to ensure correct ordering for lockless qdisc (bsc#1183405).
- net: sched: avoid unnecessary seqcount operation for lockless qdisc (bsc#1183405).
- net: sched: fix packet stuck problem for lockless qdisc (bsc#1183405).
- net: sched: fix tx action reschedule issue with stopped queue (bsc#1183405).
- net: sched: fix tx action rescheduling issue during deactivation (bsc#1183405).
- net: sched: replaced invalid qdisc tree flush helper in qdisc_replace (bsc#1183405).
- net_sched: avoid resetting active qdisc for multiple times (bsc#1183405).
- net_sched: get rid of unnecessary dev_qdisc_reset() (bsc#1183405).
- net_sched: use qdisc_reset() in qdisc_destroy() (bsc#1183405).
- nvme: add 'iopolicy' module parameter (bsc#1177599 bsc#1193096).
- xfrm: fix MTU regression (bsc#1185377, bsc#1194048).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.22644

Places