forked from pool/kernel-source
GIT Revision: ced5d17b56330ac568f27a497297463ea73ad563
GIT Branch: SLE11-SP4-LTSS 2026-07-04 06:21:00 +0000
This commit is contained in:
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
@@ -1,3 +1,67 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 3 08:52:35 CEST 2026 - jgross@suse.com
|
||||
|
||||
- KVM: x86: Fix shadow paging use-after-free due to unexpected
|
||||
role (git-fixes).
|
||||
- commit d1a4dd0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 2 09:42:14 CEST 2026 - fmancera@suse.de
|
||||
|
||||
- net/sched: fix pedit partial COW leading to page cache
|
||||
(bsc#1265421 CVE-2026-46331).
|
||||
- commit f7e43c5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 21:48:18 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- net: fix the counter ICMP_MIB_INERRORS/ICMP6_MIB_INERRORS
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Put proper checks into icmp_socket_deliver()
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- ipv4: Deliver ICMP redirects to sockets too (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- ipv4: Pull icmp socket delivery out into a helper function
|
||||
(CVE-2026-46266 bsc#1267684).
|
||||
- inet: Sanitize inet{,6} protocol demux (CVE-2026-46266
|
||||
bsc#1267684).
|
||||
- commit 79bd2dc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:22:14 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: bnep: reject short frames before parsing
|
||||
(CVE-2026-53253 bsc#1269574).
|
||||
- skbuff: introduce skb_pull_data (CVE-2026-53253 bsc#1269574).
|
||||
- commit abdf93a
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 18:10:36 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- ALSA: aloop: Fix peer runtime UAF during format-change stop
|
||||
(CVE-2026-46090 bsc#1267531).
|
||||
- commit a5ddd8e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 1 11:01:40 CEST 2026 - tiwai@suse.de
|
||||
|
||||
- Bluetooth: serialize accept_q access (CVE-2026-52918
|
||||
bsc#1269100).
|
||||
- commit 0ed441f
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 15 23:20:21 CEST 2026 - mkubecek@suse.cz
|
||||
|
||||
- kabi: revert kabi breaking changes from bsc#1264610 fix
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: fix potential race in tcp_v6_syn_recv_sock()
|
||||
(CVE-2026-43198 bsc#1264610).
|
||||
- tcp: do not use ipv6 header for ipv4 flow (CVE-2026-43198
|
||||
bsc#1264610).
|
||||
- commit 1f3154e
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 6 21:45:05 CEST 2026 - lduncan@suse.com
|
||||
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-debug
|
||||
Summary: A Debug Version of the Kernel
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-default
|
||||
Summary: The Standard Kernel
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -29,7 +29,7 @@ Name: kernel-docs
|
||||
Summary: Kernel Documentation
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-ec2
|
||||
Summary: The Amazon EC2 Xen Kernel
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-pae
|
||||
Summary: Kernel with PAE Support
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -31,7 +31,7 @@ Name: kernel-source
|
||||
Summary: The Linux Kernel Sources
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -26,7 +26,7 @@ Summary: Kernel Symbol Versions (modversions)
|
||||
Version: 3.0.101
|
||||
%if %using_buildservice
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-trace
|
||||
Summary: The Tracing Kernel
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-vanilla
|
||||
Summary: The Standard Kernel - without any SUSE patches
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
+1
-1
@@ -67,7 +67,7 @@ Name: kernel-xen
|
||||
Summary: The Xen Kernel
|
||||
Version: 3.0.101
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.g815079c
|
||||
Release: <RELEASE>.gced5d17
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
||||
BIN
Binary file not shown.
BIN
Binary file not shown.
+23
@@ -3298,6 +3298,7 @@
|
||||
patches.suse/ipvs-Defer-ip_vs_ftp-unregister-during-netns-cleanup.patch
|
||||
patches.suse/netfilter-xt_tcpmss-check-remaining-length-before-reading-.patch
|
||||
patches.suse/netfilter-ip6t_eui64-reject-invalid-MAC-header-for-all-pac.patch
|
||||
patches.suse/net-sched-fix-pedit-partial-COW-leading-to-page-cache.patch
|
||||
|
||||
########################################################
|
||||
# tipc
|
||||
@@ -3605,6 +3606,9 @@
|
||||
patches.fixes/ipv6-remove-max_size-check-inline-with-ipv4.patch
|
||||
patches.kabi/kabi-restore-return-type-of-dst_ops-gc-callback.patch
|
||||
patches.suse/net-sched-Enforce-that-teql-can-only-be-used-as-root.patch
|
||||
patches.suse/tcp-do-not-use-ipv6-header-for-ipv4-flow.patch
|
||||
patches.suse/tcp-fix-potential-race-in-tcp_v6_syn_recv_sock.patch
|
||||
patches.kabi/kabi-revert-kabi-breaking-changes-from-bsc-1264610-f.patch
|
||||
|
||||
########################################################
|
||||
# NFS
|
||||
@@ -7300,6 +7304,14 @@
|
||||
|
||||
patches.suse/0001-netfilter-x_tables-fix-LED-ID-check-in-led_tg_check.patch
|
||||
|
||||
# not netfilter but depend on netfilter backports
|
||||
patches.suse/inet-Sanitize-inet-6-protocol-demux.patch
|
||||
patches.suse/ipv4-Pull-icmp-socket-delivery-out-into-a-helper-fun.patch
|
||||
patches.suse/ipv4-Deliver-ICMP-redirects-to-sockets-too.patch
|
||||
patches.suse/ipv4-Put-proper-checks-into-icmp_socket_deliver.patch
|
||||
patches.suse/net-fix-the-counter-ICMP_MIB_INERRORS-ICMP6_MIB_INER.patch
|
||||
patches.suse/inet-RAW-sockets-using-IPPROTO_RAW-MUST-drop-incomin.patch
|
||||
|
||||
########################################################
|
||||
# PCI and PCI hotplug
|
||||
########################################################
|
||||
@@ -27175,6 +27187,16 @@
|
||||
# CVE-2026-45970 bsc#1267205
|
||||
patches.suse/bonding-alb-fix-UAF-in-rlb_arp_recv-during-bond-up-d.patch
|
||||
|
||||
# CVE-2026-52918 bsc#1269100
|
||||
patches.suse/Bluetooth-serialize-accept_q-access.patch
|
||||
|
||||
# CVE-2026-46090 bsc#1267531
|
||||
patches.suse/ALSA-aloop-Fix-peer-runtime-UAF-during-format-change.patch
|
||||
|
||||
# CVE-2026-53253 bsc#1269574
|
||||
patches.suse/skbuff-introduce-skb_pull_data.patch
|
||||
patches.suse/Bluetooth-bnep-reject-short-frames-before-parsing.patch
|
||||
|
||||
########################################################
|
||||
# xen architecture, version 3
|
||||
########################################################
|
||||
@@ -27564,4 +27586,5 @@
|
||||
patches.xen/xen-netfront.napi_complete.patch
|
||||
patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk.patch
|
||||
patches.suse/KVM-x86-Fix-shadow-paging-use-after-free-due-to-unex.patch
|
||||
patches.suse/KVM-x86-Fix-shadow-paging-use-after-free-due-to-unex-81ccda30b4e8.patch
|
||||
|
||||
|
||||
+2
-2
@@ -1,3 +1,3 @@
|
||||
2026-07-03 23:12:36 +0000
|
||||
GIT Revision: 815079c42e03fb0e863fca13af1a661ddaa6fc00
|
||||
2026-07-04 06:21:00 +0000
|
||||
GIT Revision: ced5d17b56330ac568f27a497297463ea73ad563
|
||||
GIT Branch: SLE11-SP4-LTSS
|
||||
|
||||
Reference in New Issue
Block a user