Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.30228
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.30228
<patchinfo incident="30228"> <issue id="1199304" tracker="bnc">defragfs.ocfs2 triggered kernel crash</issue> <issue id="1206418" tracker="bnc">VUL-0: CVE-2022-40982: transient execution attack "Gather Data Sampling"</issue> <issue id="1207270" tracker="bnc">L3: Backport Request for locking/rwsem commits</issue> <issue id="1210584" tracker="bnc">VUL-0: kernel: buffer overflow in mtd_ubi build.c:::io_init</issue> <issue id="1211131" tracker="bnc">VUL-0: CVE-2023-2156: kernel-source-rt,kernel-source,kernel-source-azure: Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability</issue> <issue id="1211738" tracker="bnc">VUL-0: CVE-2023-0459: kernel-source-azure,kernel-source-rt,kernel-source: Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check</issue> <issue id="1211867" tracker="bnc">VUL-0: CVE-2023-2985: kernel-source-azure,kernel-source,kernel-source-rt: hfs: use-after-free issue in hfsplus_release_folio in fs/hfsplus/super.c</issue> <issue id="1212301" tracker="bnc">[Azure][MANA][VLANTagging] Support for VLAN Tagging for MANA</issue> <issue id="1212741" tracker="bnc">Missing crossreferences when building kernel-docs with python2 on SLE15</issue> <issue id="1212835" tracker="bnc">make modules_install fails with kmod-30-4.1</issue> <issue id="1212846" tracker="bnc">VUL-0: CVE-2023-3390: kernel-source-azure,kernel-source-rt,kernel-source: use-after-free in the netfilter subsystem in net/netfilter/nf_tables_api.c</issue> <issue id="1213059" tracker="bnc">VUL-0: CVE-2023-35001: kernel: nf_tables nft_byteorder_eval OOB read/write</issue> <issue id="1213061" tracker="bnc">VUL-0: CVE-2023-31248: kernel: nf_tables UAF when using nft_chain_lookup_byid</issue> <issue id="1213167" tracker="bnc">VUL-0: CVE-2023-3567: kernel-source,kernel-source-rt,kernel-source-azure: use after free in vcs_read() in the vc_screen driver due to race condition</issue> <issue id="1213245" tracker="bnc">VUL-0: CVE-2023-3117: kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests</issue> <issue id="1213286" tracker="bnc">VUL-0: CVE-2023-20593: kernel,kernel-firmware: AMD CPU: "ZenBleed": VZEROUPPER does not clear upper bits under certain conditions</issue> <issue id="1213287" tracker="bnc">VUL-0: CVE-2023-20569: kernel-source, kernel-firmware: AMD CPU "Inception" issue</issue> <issue id="1213354" tracker="bnc">cifs.ko - backport for fixing DNS resolution over reconnect</issue> <issue id="1213543" tracker="bnc">VUL-0: CVE-2023-3812: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags</issue> <issue id="1213585" tracker="bnc">VUL-0: CVE-2023-3611: kernel-source-rt,kernel-source,kernel-source-azure: out-of-bounds read/write due to an unbounded overhead value in interface size table</issue> <issue id="1213586" tracker="bnc">VUL-0: CVE-2023-3609: kernel: use-after-free in net/sched: cls_u32 can lead to local privilege escalation</issue> <issue id="1213588" tracker="bnc">VUL-0: CVE-2023-3776: kernel-source-rt,kernel-source-azure,kernel-source: use-after-free vulnerability the cls_fw component</issue> <issue id="1213653" tracker="bnc">L3: bfq RIP: bfqq_request_over_limit+732</issue> <issue id="1213868" tracker="bnc">kvmsmall config breaks due to asm/microcode_amd.h header inclusion</issue> <issue id="2023-20569" tracker="cve" /> <issue id="2022-40982" tracker="cve" /> <issue id="2023-0459" tracker="cve" /> <issue id="2023-2156" tracker="cve" /> <issue id="2023-3611" tracker="cve" /> <issue id="2023-3609" tracker="cve" /> <issue id="2023-3776" tracker="cve" /> <issue id="2023-3567" tracker="cve" /> <issue id="2023-3812" tracker="cve" /> <issue id="2023-31248" tracker="cve" /> <issue id="2023-35001" tracker="cve" /> <issue id="2023-3390" tracker="cve" /> <issue id="2023-3117" tracker="cve" /> <issue id="2023-20593" tracker="cve" /> <issue id="2023-2985" tracker="cve" /> <issue id="PED-4567" tracker="jsc" /> <category>security</category> <rating>important</rating> <packager>vliaskovitis</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" (bsc#1206418). - CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738). - CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287). - CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286). - CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131). - CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867). - CVE-2023-3117: Fixed an use-after-free vulnerability in the netfilter subsystem when processing named and anonymous sets in batch requests that could allow a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system (bsc#1213245). - CVE-2023-31248: Fixed an use-after-free vulnerability in nft_chain_lookup_byid that could allow a local attacker to escalate their privilege (bsc#1213061). - CVE-2023-3390: Fixed an use-after-free vulnerability in the netfilter subsystem in net/netfilter/nf_tables_api.c that could allow a local attacker with user access to cause a privilege escalation issue (bsc#1212846). - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059). - CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167). - CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586). - CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585). - CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588). - CVE-2023-3812: Fixed an out-of-bounds memory access flaw in the TUN/TAP device driver functionality that could allow a local user to crash or potentially escalate their privileges on the system (bsc#1213543). The following non-security bugs were fixed: - arm: cpu: switch to arch_cpu_finalize_init() (bsc#1206418). - block, bfq: fix division by zero error on zero wsum (bsc#1213653). - get module prefix from kmod (bsc#1212835). - init, x86: move mem_encrypt_init() into arch_cpu_finalize_init() (bsc#1206418). - init: invoke arch_cpu_finalize_init() earlier (bsc#1206418). - init: provide arch_cpu_finalize_init() (bsc#1206418). - init: remove check_bugs() leftovers (bsc#1206418). - jbd2: export jbd2_journal_[grab|put]_journal_head (bsc#1199304). - kernel-binary.spec.in: remove superfluous %% in supplements fixes: 02b7735e0caf ("rpm/kernel-binary.spec.in: add enhances and supplements tags to in-tree kmps") - kernel-docs: add buildrequires on python3-base when using python3 the python3 binary is provided by python3-base. - kernel-docs: use python3 together with python3-sphinx (bsc#1212741). - keys: do not cache key in task struct if key is requested from kernel thread (bsc#1213354). - lockdep: add preemption enabled/disabled assertion apis (bsc#1207270 jsc#ped-4567). - locking/rwsem: add __always_inline annotation to __down_read_common() and inlined callers (bsc#1207270 jsc#ped-4567). - locking/rwsem: allow slowpath writer to ignore handoff bit if not set by first waiter (bsc#1207270 jsc#ped-4567). - locking/rwsem: always try to wake waiters in out_nolock path (bsc#1207270 jsc#ped-4567). - locking/rwsem: better collate rwsem_read_trylock() (bsc#1207270 jsc#ped-4567). - locking/rwsem: conditionally wake waiters in reader/writer slowpaths (bsc#1207270 jsc#ped-4567). - locking/rwsem: disable preemption for spinning region (bsc#1207270 jsc#ped-4567). - locking/rwsem: disable preemption in all down_read*() and up_read() code paths (bsc#1207270 jsc#ped-4567). - locking/rwsem: disable preemption in all down_write*() and up_write() code paths (bsc#1207270 jsc#ped-4567). - locking/rwsem: disable preemption while trying for rwsem lock (bsc#1207270 jsc#ped-4567). - locking/rwsem: enable reader optimistic lock stealing (bsc#1207270 jsc#ped-4567). - locking/rwsem: fix comment typo (bsc#1207270 jsc#ped-4567). - locking/rwsem: fix comments about reader optimistic lock stealing conditions (bsc#1207270 jsc#ped-4567). - locking/rwsem: fold __down_{read,write}*() (bsc#1207270 jsc#ped-4567). - locking/rwsem: introduce rwsem_write_trylock() (bsc#1207270 jsc#ped-4567). - locking/rwsem: make handoff bit handling more consistent (bsc#1207270 jsc#ped-4567). - locking/rwsem: no need to check for handoff bit if wait queue empty (bsc#1207270 jsc#ped-4567). - locking/rwsem: optimize down_read_trylock() under highly contended case (bsc#1207270 jsc#ped-4567). - locking/rwsem: pass the current atomic count to rwsem_down_read_slowpath() (bsc#1207270 jsc#ped-4567). - locking/rwsem: prevent non-first waiter from spinning in down_write() slowpath (bsc#1207270 jsc#ped-4567). - locking/rwsem: prevent potential lock starvation (bsc#1207270 jsc#ped-4567). - locking/rwsem: remove an unused parameter of rwsem_wake() (bsc#1207270 jsc#ped-4567). - locking/rwsem: remove reader optimistic spinning (bsc#1207270 jsc#ped-4567). - locking: add missing __sched attributes (bsc#1207270 jsc#ped-4567). - locking: remove rcu_read_{,un}lock() for preempt_{dis,en}able() (bsc#1207270 jsc#ped-4567). - net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585). - net: mana: add support for vlan tagging (bsc#1212301). - ocfs2: fix a deadlock when commit trans (bsc#1199304). - ocfs2: fix defrag path triggering jbd2 assert (bsc#1199304). - ocfs2: fix race between searching chunks and release journal_head from buffer_head (bsc#1199304). - remove more packaging cruft for sle &lt; 12 sp3 - rpm/check-for-config-changes: ignore also pahole_has_* we now also have options like config_pahole_has_lang_exclude. - rpm/check-for-config-changes: ignore also riscv_isa_* and dynamic_sigframe they depend on config_toolchain_has_*. - rwsem: implement down_read_interruptible (bsc#1207270 jsc#ped-4567). - rwsem: implement down_read_killable_nested (bsc#1207270 jsc#ped-4567). - ubi: ensure that vid header offset + vid header size &lt;= alloc, size (bsc#1210584). - ubi: fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584). - usrmerge: adjust module path in the kernel sources (bsc#1212835). - x86/cpu: switch to arch_cpu_finalize_init() (bsc#1206418). - x86/fpu: remove cpuinfo argument from init functions (bsc#1206418). - x86/microcode/AMD: Make stub function static inline (bsc#1213868). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor