1
0
forked from pool/kernel-source

GIT Revision: ced5d17b56330ac568f27a497297463ea73ad563

GIT Branch: SLE11-SP4-LTSS
2026-07-04 06:21:00 +0000
This commit is contained in:
2026-07-08 08:04:28 +02:00
parent b0d0037389
commit f50cd2ff0d
24 changed files with 679 additions and 16 deletions
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+64
View File
@@ -1,3 +1,67 @@
-------------------------------------------------------------------
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
- KVM: x86: Fix shadow paging use-after-free due to unexpected
role (git-fixes).
- commit d1a4dd0
-------------------------------------------------------------------
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
- net/sched: fix pedit partial COW leading to page cache
(bsc#1265421 CVE-2026-46331).
- commit f7e43c5
-------------------------------------------------------------------
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
(CVE-2026-46266 bsc#1267684).
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
(CVE-2026-46266 bsc#1267684).
- ipv4: Put proper checks into icmp_socket_deliver()
(CVE-2026-46266 bsc#1267684).
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
bsc#1267684).
- ipv4: Pull icmp socket delivery out into a helper function
(CVE-2026-46266 bsc#1267684).
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
bsc#1267684).
- commit 79bd2dc
-------------------------------------------------------------------
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
- Bluetooth: bnep: reject short frames before parsing
(CVE-2026-53253 bsc#1269574).
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
- commit abdf93a
-------------------------------------------------------------------
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
- ALSA: aloop: Fix peer runtime UAF during format-change stop
(CVE-2026-46090 bsc#1267531).
- commit a5ddd8e
-------------------------------------------------------------------
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
- Bluetooth: serialize accept_q access (CVE-2026-52918
bsc#1269100).
- commit 0ed441f
-------------------------------------------------------------------
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
- kabi: revert kabi breaking changes from bsc#1264610 fix
(CVE-2026-43198 bsc#1264610).
- tcp: fix potential race in tcp_v6_syn_recv_sock()
(CVE-2026-43198 bsc#1264610).
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
bsc#1264610).
- commit 1f3154e
-------------------------------------------------------------------
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-debug
Summary: A Debug Version of the Kernel
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-default
Summary: The Standard Kernel
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -29,7 +29,7 @@ Name: kernel-docs
Summary: Kernel Documentation
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-ec2
Summary: The Amazon EC2 Xen Kernel
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-pae
Summary: Kernel with PAE Support
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -31,7 +31,7 @@ Name: kernel-source
Summary: The Linux Kernel Sources
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -26,7 +26,7 @@ Summary: Kernel Symbol Versions (modversions)
Version: 3.0.101
%if %using_buildservice
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-trace
Summary: The Tracing Kernel
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-vanilla
Summary: The Standard Kernel - without any SUSE patches
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
+1 -1
View File
@@ -67,7 +67,7 @@ Name: kernel-xen
Summary: The Xen Kernel
Version: 3.0.101
%if 0%{?is_kotd}
Release: <RELEASE>.g815079c
Release: <RELEASE>.gced5d17
%else
Release: 0
%endif
BIN
View File
Binary file not shown.
BIN
View File
Binary file not shown.
+23
View File
@@ -3298,6 +3298,7 @@
patches.suse/ipvs-Defer-ip_vs_ftp-unregister-during-netns-cleanup.patch
patches.suse/netfilter-xt_tcpmss-check-remaining-length-before-reading-.patch
patches.suse/netfilter-ip6t_eui64-reject-invalid-MAC-header-for-all-pac.patch
patches.suse/net-sched-fix-pedit-partial-COW-leading-to-page-cache.patch
########################################################
# tipc
@@ -3605,6 +3606,9 @@
patches.fixes/ipv6-remove-max_size-check-inline-with-ipv4.patch
patches.kabi/kabi-restore-return-type-of-dst_ops-gc-callback.patch
patches.suse/net-sched-Enforce-that-teql-can-only-be-used-as-root.patch
patches.suse/tcp-do-not-use-ipv6-header-for-ipv4-flow.patch
patches.suse/tcp-fix-potential-race-in-tcp_v6_syn_recv_sock.patch
patches.kabi/kabi-revert-kabi-breaking-changes-from-bsc-1264610-f.patch
########################################################
# NFS
@@ -7300,6 +7304,14 @@
patches.suse/0001-netfilter-x_tables-fix-LED-ID-check-in-led_tg_check.patch
# not netfilter but depend on netfilter backports
patches.suse/inet-Sanitize-inet-6-protocol-demux.patch
patches.suse/ipv4-Pull-icmp-socket-delivery-out-into-a-helper-fun.patch
patches.suse/ipv4-Deliver-ICMP-redirects-to-sockets-too.patch
patches.suse/ipv4-Put-proper-checks-into-icmp_socket_deliver.patch
patches.suse/net-fix-the-counter-ICMP_MIB_INERRORS-ICMP6_MIB_INER.patch
patches.suse/inet-RAW-sockets-using-IPPROTO_RAW-MUST-drop-incomin.patch
########################################################
# PCI and PCI hotplug
########################################################
@@ -27175,6 +27187,16 @@
# CVE-2026-45970 bsc#1267205
patches.suse/bonding-alb-fix-UAF-in-rlb_arp_recv-during-bond-up-d.patch
# CVE-2026-52918 bsc#1269100
patches.suse/Bluetooth-serialize-accept_q-access.patch
# CVE-2026-46090 bsc#1267531
patches.suse/ALSA-aloop-Fix-peer-runtime-UAF-during-format-change.patch
# CVE-2026-53253 bsc#1269574
patches.suse/skbuff-introduce-skb_pull_data.patch
patches.suse/Bluetooth-bnep-reject-short-frames-before-parsing.patch
########################################################
# xen architecture, version 3
########################################################
@@ -27564,4 +27586,5 @@
patches.xen/xen-netfront.napi_complete.patch
patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk.patch
patches.suse/KVM-x86-Fix-shadow-paging-use-after-free-due-to-unex.patch
patches.suse/KVM-x86-Fix-shadow-paging-use-after-free-due-to-unex-81ccda30b4e8.patch
+2 -2
View File
@@ -1,3 +1,3 @@
2026-07-03 23:12:36 +0000
GIT Revision: 815079c42e03fb0e863fca13af1a661ddaa6fc00
2026-07-04 06:21:00 +0000
GIT Revision: ced5d17b56330ac568f27a497297463ea73ad563
GIT Branch: SLE11-SP4-LTSS