SUSE-SU-2022:1038-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Mar 30 13:23:21 UTC 2022


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1038-1
Rating:             important
References:         #1176447 #1176774 #1178134 #1179439 #1181147 
                    #1191428 #1192273 #1193787 #1194516 #1194943 
                    #1195051 #1195211 #1195353 #1195403 #1195516 
                    #1195612 #1195897 #1195908 #1195947 #1195949 
                    #1195987 #1196079 #1196095 #1196130 #1196155 
                    #1196299 #1196301 #1196403 #1196468 #1196472 
                    #1196488 #1196627 #1196723 #1196776 #1196779 
                    #1196830 #1196866 #1196868 #1197300 #922815 
                    #998635 
Cross-References:   CVE-2021-0920 CVE-2021-39698 CVE-2021-44879
                    CVE-2021-45402 CVE-2022-0487 CVE-2022-0492
                    CVE-2022-0516 CVE-2022-0617 CVE-2022-0644
                    CVE-2022-23036 CVE-2022-23037 CVE-2022-23038
                    CVE-2022-23039 CVE-2022-23040 CVE-2022-23041
                    CVE-2022-23042 CVE-2022-24448 CVE-2022-24958
                    CVE-2022-24959 CVE-2022-25258 CVE-2022-25636
                    CVE-2022-26490 CVE-2022-26966 CVE-2022-27223
                   
CVSS scores:
                    CVE-2021-0920 (NVD) : 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-0920 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39698 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-39698 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-45402 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45402 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
                    CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0492 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0516 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0516 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
                    CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-24958 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-24958 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-25258 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-25258 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-25636 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-25636 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
                    CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-27223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-27223 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:
                    SUSE Linux Enterprise Micro 5.1
                    SUSE Linux Enterprise Module for Realtime 15-SP3
                    SUSE Linux Enterprise Real Time 15-SP3
______________________________________________________________________________

   An update that solves 24 vulnerabilities and has 17 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2022-25636: Fixed an issue which allowed a local users to gain
     privileges because of a heap out-of-bounds write in nf_dup_netdev.c,
     related to nf_tables_offload (bsc#1196299).
   - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
     attacker with adjacent NFC access could trigger crash the system or
     corrupt system memory (bsc#1196830).
   - CVE-2022-0487: A use-after-free vulnerability was found in
     rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
     (bsc#1194516).
   - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
     release_agent feature, which allowed bypassing namespace isolation
     unexpectedly (bsc#1195543).
   - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390
     allows kernel memory read/write (bsc#1195516).
   - CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY
     flag, and tries to open a regular file, nfs_atomic_open() performs a
     regular lookup. If a regular file is found, ENOTDIR should have occured,
     but the server instead returned uninitialized data in the file
     descriptor (bsc#1195612).
   - CVE-2022-0617: Fixed a null pointer dereference in UDF file system
     functionality. A local user could crash the system by triggering
     udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
   - CVE-2022-0644: Fixed a denial of service by a local user. A assertion
     failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)
   - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of
     interface OS descriptor requests, which could have lead to memory
     corruption (bsc#1196096).
   - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf
     release (bsc#1195905).
   - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in
     drivers/net/hamradio/yam.c (bsc#1195897).
   - CVE-2022-27223: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint
     index was not validated and could have been manipulated by the host for
     out-of-array access (bsc#1197245).
   - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were
     not considered, which lead to a move_data_page NULL pointer dereference
     (bsc#1195987).
   - CVE-2021-0920: Fixed a local privilege escalation due to a
     use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).
   - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which
     allowed attackers to obtain sensitive information from heap memory via
     crafted frame lengths from a device (bsc#1196836).
   - CVE-2021-39698: Fixed a possible memory corruption due to a use after
     free in aio_poll_complete_work. This could lead to local escalation of
     privilege with no additional execution privileges needed. (bsc#1196956)
   - CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did
     not properly update bounds while handling the mov32 instruction, which
     allowed local users to obtain potentially sensitive address information
     (bsc#1196130).
   -
   CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,
     CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have
     lead to read/write access to memory pages or denial of service. These
     issues are related to the Xen PV device frontend drivers. (bsc#1196488)

   The following non-security bugs were fixed:

   - ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes).
   - arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes).
   - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions
     (git-fixes).
   - ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).
   - asix: fix uninit-value in asix_mdio_read() (git-fixes).
   - ASoC: cs4265: Fix the duplicated control name (git-fixes).
   - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     (git-fixes).
   - ASoC: rt5682: do not block workqueue if card is unbound (git-fixes).
   - ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).
   - ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
   - batman-adv: Do not expect inter-netns unique iflink indices (git-fixes).
   - batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes).
   - batman-adv: Request iflink once in batadv-on-batadv check (git-fixes).
   - blk-mq: do not free tags if the tag_set is used by other device in queue
     initialztion (bsc#1193787).
   - Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE
     (bsc#1196779).
   - bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).
   - bnxt_en: Fix incorrect multicast rx mask setting when not requested
     (git-fixes).
   - bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes).
   - bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes).
   - bonding: force carrier update when releasing slave (git-fixes).
   - can: gs_usb: change active_channels's type from atomic_t to u8
     (git-fixes).
   - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning (bsc#1196868).
   - cgroup-v1: Correct privileges check in release_agent writes
     (bsc#1196723).
   - clk: jz4725b: fix mmc0 clock gating (git-fixes).
   - constraints: Also adjust disk requirement for x86 and s390.
   - constraints: Increase disk space for aarch64
   - cpufreq: schedutil: Use kobject release() method to free (git-fixes)
   - cpuset: Fix the bug that subpart_cpus updated wrongly in
     update_cpumask() (bsc#1196866).
   - cputime, cpuacct: Include guest time in user time in (git-fixes)
   - dma-direct: Fix potential NULL pointer dereference (bsc#1196472
     ltc#192278).
   - dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).
   - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472
     ltc#192278).
   - drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).
   - drm/edid: Always set RGB444 (git-fixes).
   - drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211).
   - drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211).
   - drm/i915: Nuke not needed members of dram_info (bsc#1195211).
   - drm/i915: Remove memory frequency calculation (bsc#1195211).
   - drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211).
   - drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
   - EDAC/altera: Fix deferred probing (bsc#1178134).
   - EDAC: Fix calculation of returned address and next offset in
     edac_align_ptr() (bsc#1178134).
   - efivars: Respect "block" flag in efivar_entry_set_safe() (git-fixes).
   - exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).
   - exfat: fix incorrect loading of i_blocks for large files (git-fixes).
   - firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes).
   - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
   - gpiolib: acpi: Convert ACPI value of debounce to microseconds
     (git-fixes).
   - gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes).
   - gpio: tegra186: Fix chip_data type confusion (git-fixes).
   - gpio: ts4900: Do not set DAT and OE together (git-fixes).
   - gtp: remove useless rcu_read_lock() (git-fixes).
   - hamradio: fix macro redefine warning (git-fixes).
   - Hand over the maintainership to SLE15-SP3 maintainers
   - HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).
   - HID: add mapping for KEY_DICTATE (git-fixes).
   - i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).
   - iavf: Fix missing check for running netdev (git-fixes).
   - IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).
   - IB/hfi1: Fix early init panic (git-fixes).
   - IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).
   - IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     (git-fixes).
   - IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes).
   - ice: initialize local variable 'tlv' (jsc#SLE-12878).
   - igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).
   - igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).
   - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     (git-fixes).
   - iio: adc: men_z188_adc: Fix a resource leak in an error handling path
     (git-fixes).
   - iio: Fix error handling for PM (git-fixes).
   - Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).
   - Input: elan_i2c - fix regulator enable count imbalance after
     suspend/resume (git-fixes).
   - Input: elan_i2c - move regulator_[en|dis]able() out of
     elan_[en|dis]able_power() (git-fixes).
   - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     (git-fixes).
   - mac80211: fix forwarded mesh frames AC & queue selection (git-fixes).
   - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes).
   - mac80211_hwsim: report NOACK frames in tx_status (git-fixes).
   - mask out added spinlock in rndis_params (git-fixes).
   - mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
   - net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
     (git-fixes).
   - net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement
     (git-fixes).
   - netfilter: nf_tables: fix memory leak during stateful obj update
     (bsc#1176447).
   - net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447).
   - net: hns3: Clear the CMDQ registers before unmapping BAR region
     (git-fixes).
   - net/mlx5e: Fix modify header actions memory leak (git-fixes).
   - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
   - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     (git-fixes).
   - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     (jsc#SLE-15172).
   - net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes).
   - net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes).
   - net/mlx5: Fix possible deadlock on rule deletion (git-fixes).
   - net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes).
   - net/mlx5: Update the list of the PCI supported devices (git-fixes).
   - net: phy: DP83822: clear MISR2 register to disable interrupts
     (git-fixes).
   - net/sched: act_ct: Fix flow table lookup after ct clear or switching
     zones (jsc#SLE-15172).
   - netsec: ignore 'phy-mode' device property on ACPI systems (git-fixes).
   - net: sfc: Replace in_interrupt() usage (git-fixes).
   - net: tipc: validate domain record count on input (bsc#1195254).
   - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     (git-fixes).
   - NFC: port100: fix use-after-free in port100_send_complete (git-fixes).
   - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     (git-fixes).
   - nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes).
   - ntb: intel: fix port config status offset for SPR (git-fixes).
   - nvme: fix a possible use-after-free in controller reset during load
     (git-fixes).
   - nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).
   - nvme-rdma: fix possible use-after-free in transport error_recovery work
     (git-fixes).
   - nvme-tcp: fix possible use-after-free in transport error_recovery work
     (git-fixes).
   - powerpc/dma: Fallback to dma_ops when persistent memory present
     (bsc#1196472 ltc#192278).
   - powerpc/fadump: register for fadump as early as possible (bsc#1179439
     ltc#190038).
   - powerpc/mm: Remove dcache flush from memory remove (bsc#1196433
     ltc#196449).
   - powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).
   - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
     (bsc#1196472 ltc#192278).
   - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW
     with pending cmd-bit" (git-fixes).
   - RDMA/cma: Do not change route.addr.src_addr outside state checks
     (bsc#1181147).
   - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty
     entry (git-fixes).
   - RDMA/cma: Remove open coding of overflow checking for private_data_len
     (git-fixes).
   - RDMA/core: Do not infoleak GRH fields (git-fixes).
   - RDMA/core: Let ib_find_gid() continue search even after empty entry
     (git-fixes).
   - RDMA/cxgb4: Set queue pair state when being queried (git-fixes).
   - RDMA/hns: Validate the pkey index (git-fixes).
   - RDMA/ib_srp: Fix a deadlock (git-fixes).
   - RDMA/mlx4: Do not continue event handler after memory allocation failure
     (git-fixes).
   - RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176).
   - RDMA/rxe: Fix a typo in opcode name (git-fixes).
   - RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).
   - RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).
   - RDMA/uverbs: Remove the unnecessary assignment (git-fixes).
   - README.BRANCH: Add Frederic Weisbecker as branch maintainer
   - README.BRANCH: Remove Davidlohr Bueso as a branch maintainer
   - rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
   - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
   - sched/core: Mitigate race (git-fixes)
   - scsi: bnx2fc: Flush destroy_work queue before calling
     bnx2fc_interface_put() (git-fixes).
   - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).
   - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     (git-fixes).
   - scsi: nsp_cs: Check of ioremap return value (git-fixes).
   - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).
   - scsi: smartpqi: Add PCI IDs (bsc#1196627).
   - scsi: ufs: Fix race conditions related to driver data (git-fixes).
   - selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774).
   - soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY)
     (git-fixes).
   - soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).
   - soc: fsl: qe: Check of ioremap return value (git-fixes).
   - spi: spi-zynq-qspi: Fix a NULL pointer dereference in
     zynq_qspi_exec_mem_op() (git-fixes).
   - sr9700: sanity check for packet length (bsc#1196836).
   - staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
   - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     (bnc#1195403).
   - tracing: Fix return value of __setup handlers (git-fixes).
   - tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes).
   - tty: n_gsm: fix proper link termination after failed open (git-fixes).
   - usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
   - usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
   - usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
   - usb: dwc2: use well defined macros for power_down (git-fixes).
   - usb: dwc3: gadget: Let the interrupt handler disable bottom halves
     (git-fixes).
   - usb: dwc3: meson-g12a: Disable the regulator in the error handling path
     of the probe (git-fixes).
   - usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).
   - usb: gadget: rndis: add spinlock for rndis response list (git-fixes).
   - USB: gadget: validate endpoint index for xilinx udc (git-fixes).
   - USB: gadget: validate interface OS descriptor requests (git-fixes).
   - usb: host: xen-hcd: add missing unlock in error path (git-fixes).
   - USB: hub: Clean up use of port initialization schemes and retries
     (git-fixes).
   - usb: hub: Fix locking issues with address0_mutex (git-fixes).
   - usb: hub: Fix usb enumeration issue due to address0 race (git-fixes).
   - USB: serial: option: add support for DW5829e (git-fixes).
   - USB: serial: option: add Telit LE910R1 compositions (git-fixes).
   - USB: zaurus: support another broken Zaurus (git-fixes).
   - vrf: Fix fast path output packet handling with async Netfilter rules
     (git-fixes).
   - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
     (bsc#1196488, XSA-396).
   - xhci: Prevent futile URB re-submissions due to incorrect return value
     (git-fixes).
   - xhci: re-initialize the HC during resume if HCE was set (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Realtime 15-SP3:

      zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-1038=1

   - SUSE Linux Enterprise Micro 5.1:

      zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1038=1



Package List:

   - SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):

      cluster-md-kmp-rt-5.3.18-150300.82.1
      cluster-md-kmp-rt-debuginfo-5.3.18-150300.82.1
      dlm-kmp-rt-5.3.18-150300.82.1
      dlm-kmp-rt-debuginfo-5.3.18-150300.82.1
      gfs2-kmp-rt-5.3.18-150300.82.1
      gfs2-kmp-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-5.3.18-150300.82.1
      kernel-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-debugsource-5.3.18-150300.82.1
      kernel-rt-devel-5.3.18-150300.82.1
      kernel-rt-devel-debuginfo-5.3.18-150300.82.1
      kernel-rt_debug-debuginfo-5.3.18-150300.82.1
      kernel-rt_debug-debugsource-5.3.18-150300.82.1
      kernel-rt_debug-devel-5.3.18-150300.82.1
      kernel-rt_debug-devel-debuginfo-5.3.18-150300.82.1
      kernel-syms-rt-5.3.18-150300.82.1
      ocfs2-kmp-rt-5.3.18-150300.82.1
      ocfs2-kmp-rt-debuginfo-5.3.18-150300.82.1

   - SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):

      kernel-devel-rt-5.3.18-150300.82.1
      kernel-source-rt-5.3.18-150300.82.1

   - SUSE Linux Enterprise Micro 5.1 (x86_64):

      kernel-rt-5.3.18-150300.82.1
      kernel-rt-debuginfo-5.3.18-150300.82.1
      kernel-rt-debugsource-5.3.18-150300.82.1


References:

   https://www.suse.com/security/cve/CVE-2021-0920.html
   https://www.suse.com/security/cve/CVE-2021-39698.html
   https://www.suse.com/security/cve/CVE-2021-44879.html
   https://www.suse.com/security/cve/CVE-2021-45402.html
   https://www.suse.com/security/cve/CVE-2022-0487.html
   https://www.suse.com/security/cve/CVE-2022-0492.html
   https://www.suse.com/security/cve/CVE-2022-0516.html
   https://www.suse.com/security/cve/CVE-2022-0617.html
   https://www.suse.com/security/cve/CVE-2022-0644.html
   https://www.suse.com/security/cve/CVE-2022-23036.html
   https://www.suse.com/security/cve/CVE-2022-23037.html
   https://www.suse.com/security/cve/CVE-2022-23038.html
   https://www.suse.com/security/cve/CVE-2022-23039.html
   https://www.suse.com/security/cve/CVE-2022-23040.html
   https://www.suse.com/security/cve/CVE-2022-23041.html
   https://www.suse.com/security/cve/CVE-2022-23042.html
   https://www.suse.com/security/cve/CVE-2022-24448.html
   https://www.suse.com/security/cve/CVE-2022-24958.html
   https://www.suse.com/security/cve/CVE-2022-24959.html
   https://www.suse.com/security/cve/CVE-2022-25258.html
   https://www.suse.com/security/cve/CVE-2022-25636.html
   https://www.suse.com/security/cve/CVE-2022-26490.html
   https://www.suse.com/security/cve/CVE-2022-26966.html
   https://www.suse.com/security/cve/CVE-2022-27223.html
   https://bugzilla.suse.com/1176447
   https://bugzilla.suse.com/1176774
   https://bugzilla.suse.com/1178134
   https://bugzilla.suse.com/1179439
   https://bugzilla.suse.com/1181147
   https://bugzilla.suse.com/1191428
   https://bugzilla.suse.com/1192273
   https://bugzilla.suse.com/1193787
   https://bugzilla.suse.com/1194516
   https://bugzilla.suse.com/1194943
   https://bugzilla.suse.com/1195051
   https://bugzilla.suse.com/1195211
   https://bugzilla.suse.com/1195353
   https://bugzilla.suse.com/1195403
   https://bugzilla.suse.com/1195516
   https://bugzilla.suse.com/1195612
   https://bugzilla.suse.com/1195897
   https://bugzilla.suse.com/1195908
   https://bugzilla.suse.com/1195947
   https://bugzilla.suse.com/1195949
   https://bugzilla.suse.com/1195987
   https://bugzilla.suse.com/1196079
   https://bugzilla.suse.com/1196095
   https://bugzilla.suse.com/1196130
   https://bugzilla.suse.com/1196155
   https://bugzilla.suse.com/1196299
   https://bugzilla.suse.com/1196301
   https://bugzilla.suse.com/1196403
   https://bugzilla.suse.com/1196468
   https://bugzilla.suse.com/1196472
   https://bugzilla.suse.com/1196488
   https://bugzilla.suse.com/1196627
   https://bugzilla.suse.com/1196723
   https://bugzilla.suse.com/1196776
   https://bugzilla.suse.com/1196779
   https://bugzilla.suse.com/1196830
   https://bugzilla.suse.com/1196866
   https://bugzilla.suse.com/1196868
   https://bugzilla.suse.com/1197300
   https://bugzilla.suse.com/922815
   https://bugzilla.suse.com/998635



More information about the sle-security-updates mailing list