SUSE-IU-2022:1133-1: Security update of suse-sles-15-sp3-chost-byos-v20221119-x86_64-gen2

sle-security-updates at sle-security-updates at
Tue Nov 22 08:04:42 UTC 2022

SUSE Image Update Advisory: suse-sles-15-sp3-chost-byos-v20221119-x86_64-gen2
Image Advisory ID : SUSE-IU-2022:1133-1
Image Tags        : suse-sles-15-sp3-chost-byos-v20221119-x86_64-gen2:20221119
Image Release     : 
Severity          : critical
Type              : security
References        : 1027519 1032323 1065729 1087072 1101820 1149792 1152489 1167864
                        1176785 1177083 1177460 1177471 1180995 1181961 1185032 1190818
                        1192439 1193923 1194023 1194530 1196444 1196840 1197659 1198702
                        1199492 1199564 1199856 1199918 1199926 1199927 1199944 1200022
                        1200102 1200313 1200465 1200622 1200788 1201247 1201309 1201310
                        1201489 1201645 1201725 1201865 1201959 1201978 1201990 1202021
                        1202095 1202324 1202341 1202385 1202627 1202638 1202677 1202686
                        1202700 1202803 1202812 1202821 1202960 1202976 1202984 1203046
                        1203066 1203098 1203159 1203164 1203181 1203201 1203290 1203313
                        1203387 1203389 1203391 1203410 1203424 1203496 1203514 1203552
                        1203614 1203619 1203620 1203622 1203652 1203681 1203737 1203769
                        1203770 1203802 1203806 1203807 1203906 1203909 1203911 1203935
                        1203939 1203987 1203988 1203989 1203992 1204051 1204053 1204059
                        1204060 1204111 1204112 1204113 1204125 1204137 1204145 1204166
                        1204168 1204179 1204211 1204256 1204289 1204290 1204291 1204292
                        1204354 1204355 1204357 1204366 1204367 1204382 1204383 1204402
                        1204415 1204417 1204431 1204439 1204470 1204479 1204482 1204485
                        1204487 1204488 1204489 1204490 1204494 1204496 1204574 1204575
                        1204619 1204635 1204637 1204646 1204647 1204649 1204653 1204690
                        1204708 1204728 1204753 1204754 1204968 1204986 1205156 CVE-2016-3709
                        CVE-2018-10903 CVE-2020-10696 CVE-2020-16119 CVE-2021-20206 CVE-2021-22569
                        CVE-2021-4037 CVE-2021-46848 CVE-2022-1615 CVE-2022-1664 CVE-2022-1941
                        CVE-2022-20008 CVE-2022-2153 CVE-2022-2503 CVE-2022-2586 CVE-2022-2795
                        CVE-2022-2928 CVE-2022-2929 CVE-2022-2964 CVE-2022-2978 CVE-2022-2990
                        CVE-2022-3169 CVE-2022-3171 CVE-2022-3176 CVE-2022-32221 CVE-2022-3239
                        CVE-2022-32743 CVE-2022-3303 CVE-2022-33746 CVE-2022-33747 CVE-2022-33748
                        CVE-2022-3424 CVE-2022-3515 CVE-2022-3521 CVE-2022-3524 CVE-2022-3535
                        CVE-2022-3542 CVE-2022-3545 CVE-2022-3565 CVE-2022-3577 CVE-2022-3586
                        CVE-2022-3594 CVE-2022-3621 CVE-2022-3625 CVE-2022-3629 CVE-2022-3640
                        CVE-2022-3646 CVE-2022-3649 CVE-2022-38177 CVE-2022-38178 CVE-2022-3821
                        CVE-2022-39189 CVE-2022-40303 CVE-2022-40304 CVE-2022-40768 CVE-2022-41218
                        CVE-2022-41222 CVE-2022-41674 CVE-2022-41848 CVE-2022-41849 CVE-2022-42010
                        CVE-2022-42011 CVE-2022-42012 CVE-2022-42309 CVE-2022-42310 CVE-2022-42311
                        CVE-2022-42312 CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316
                        CVE-2022-42317 CVE-2022-42318 CVE-2022-42319 CVE-2022-42320 CVE-2022-42321
                        CVE-2022-42322 CVE-2022-42323 CVE-2022-42325 CVE-2022-42326 CVE-2022-42703
                        CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 CVE-2022-43680
                        CVE-2022-43750 CVE-2022-43995 

The container suse-sles-15-sp3-chost-byos-v20221119-x86_64-gen2 was updated. The following patches have been included in this update:

Advisory ID: SUSE-SU-2022:3682-1
Released:    Fri Oct 21 11:42:40 2022
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1201247,1203614,1203619,1203620,CVE-2022-2795,CVE-2022-38177,CVE-2022-38178
This update for bind fixes the following issues:

- CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

- Changed ownership of /var/lib/named/master from named:named to root:root (bsc#1201247)

Advisory ID: SUSE-SU-2022:3683-1
Released:    Fri Oct 21 11:48:39 2022
Summary:     Security update for libksba
Type:        security
Severity:    critical
References:  1204357,CVE-2022-3515
This update for libksba fixes the following issues:

  - CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357).

Advisory ID: SUSE-SU-2022:3766-1
Released:    Wed Oct 26 11:38:01 2022
Summary:     Security update for buildah
Type:        security
Severity:    important
References:  1167864,1181961,1202812,CVE-2020-10696,CVE-2021-20206,CVE-2022-2990
This update for buildah fixes the following issues:

- CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to execute arbitrary binaries on the host (bsc#1181961).
- CVE-2020-10696: Fixed an issue that could lead to files being overwritten during the image building process (bsc#1167864).
- CVE-2022-2990: Fixed possible information disclosure and modification / bsc#1202812

Buildah was updated to version 1.27.1:

* run: add container gid to additional groups

- Add fix for CVE-2022-2990 / bsc#1202812

Update to version 1.27.0:

* Don't try to call runLabelStdioPipes if spec.Linux is not set
* build: support filtering cache by duration using --cache-ttl
* build: support building from commit when using git repo as build context
* build: clean up git repos correctly when using subdirs
* integration tests: quote '?' in shell scripts
* test: manifest inspect should have OCIv1 annotation
* vendor: bump to c/common at 87fab4b7019a
* Failure to determine a file or directory should print an error
* refactor: remove unused CommitOptions from generateBuildOutput
* stage_executor: generate output for cases with no commit
* stage_executor, commit: output only if last stage in build
* Use errors.Is() instead of os.Is{Not,}Exist
* Minor test tweak for podman-remote compatibility
* Cirrus: Use the latest imgts container
* imagebuildah: complain about the right Dockerfile
* tests: don't try to wrap `nil` errors
* cmd/buildah.commitCmd: don't shadow 'err'
* cmd/buildah.pullCmd: complain about DecryptConfig/EncryptConfig
* Fix a copy/paste error message
* Fix a typo in an error message
* build,cache: support pulling/pushing cache layers to/from remote sources
* Update vendor of containers/(common, storage, image)
* Rename chroot/run.go to chroot/run_linux.go
* Don't bother telling codespell to skip files that don't exist
* Set user namespace defaults correctly for the library
* imagebuildah: optimize cache hits for COPY and ADD instructions
* Cirrus: Update VM images w/ updated bats
* docs, run: show SELinux label flag for cache and bind mounts
* imagebuildah, build: remove undefined concurrent writes
* bump
* Add FreeBSD support for 'buildah info'
* Vendor in latest containers/(storage, common, image)
* Add freebsd cross build targets
* Make the jail package build on 32bit platforms
* Cirrus: Ensure the build-push VM image is labeled
* GHA: Fix dynamic script filename
* Vendor in containers/(common, storage, image)
* Run codespell
* Remove import of
* Avoid using cgo in pkg/jail
* Rename footypes to fooTypes for naming consistency
* Move cleanupTempVolumes and cleanupRunMounts to run_common.go
* Make the various run mounts work for FreeBSD
* Move get{Bind,Tmpfs,Secret,SSH}Mount to run_common.go
* Move runSetupRunMounts to run_common.go
* Move cleanableDestinationListFromMounts to run_common.go
* Make setupMounts and runSetupBuiltinVolumes work on FreeBSD
* Move setupMounts and runSetupBuiltinVolumes to run_common.go
* Tidy up - runMakeStdioPipe can't be shared with linux
* Move runAcceptTerminal to run_common.go
* Move stdio copying utilities to run_common.go
* Move runUsingRuntime and runCollectOutput to run_common.go
* Move fileCloser, waitForSync and contains to run_common.go
* Move checkAndOverrideIsolationOptions to run_common.go
* Move DefaultNamespaceOptions to run_common.go
* Move getNetworkInterface to run_common.go
* Move configureEnvironment to run_common.go
* Don't crash in configureUIDGID if Process.Capabilities is nil
* Move configureUIDGID to run_common.go
* Move runLookupPath to run_common.go
* Move setupTerminal to run_common.go
* Move etc file generation utilities to run_common.go
* Add run support for FreeBSD
* Add a simple FreeBSD jail library
* Add FreeBSD support to pkg/chrootuser
* Sync call signature for RunUsingChroot with chroot/run.go
* test: verify feature to resolve basename with args
* vendor: bump openshift/imagebuilder to master at 4151e43
* GHA: Remove required reserved-name use
* buildah: set XDG_RUNTIME_DIR before setting default runroot
* imagebuildah: honor build output even if build container is not commited
* chroot: honor DefaultErrnoRet
* [CI:DOCS] improve pull-policy documentation
* tests: retrofit test since --file does not supports dir
* Switch to golang native error wrapping
* BuildDockerfiles: error out if path to containerfile is a directory
* define.downloadToDirectory: fail early if bad HTTP response
* GHA: Allow re-use of Cirrus-Cron fail-mail workflow
* add: fail on bad http response instead of writing to container
* [CI:DOCS] Update buildahimage comment
* lint: inspectable is never nil
* vendor: c/common to common at 7e1563b
* build: support OCI hooks for ephemeral build containers
* [CI:BUILD] Install latest buildah instead of compiling
* Add subid support with BuildRequires and BUILDTAG [NO NEW TESTS NEEDED]
* Make sure cpp is installed in buildah images
* demo: use unshare for rootless invocations
* buildah.spec.rpkg: initial addition
* build: fix test for subid 4
* build, userns: add support for --userns=auto
* Fix building upstream buildah image
* Remove redundant buildahimages-are-sane validation
* Docs: Update multi-arch buildah images readme
* Cirrus: Migrate multiarch build off github actions
* retrofit-tests: we skip unused stages so use stages
* stage_executor: dont rely on stage while looking for additional-context
* buildkit, multistage: skip computing unwanted stages
* More test cleanup
* copier: work around freebsd bug for 'mkdir /'
* Replace $BUILDAH_BINARY with buildah() function
* Fix up buildah images
* Make util and copier build on FreeBSD
* Vendor in latest
* Makefile: allow building without .git
* run_unix: don't return an error from getNetworkInterface
* run_unix: return a valid DefaultNamespaceOptions
* Update vendor of containers/storage
* chroot: use ActKillThread instead of ActKill
* use resolvconf package from c/common/libnetwork
* update c/common to latest main
* copier: add `NoOverwriteNonDirDir` option
* Sort buildoptions and move cli/build functions to internal
* Fix TODO: de-spaghettify run mounts
* Move options parsing out of build.go and into pkg/cli
* [CI:DOCS] Tutorial 04 - Include Debian/Ubuntu deps
* build, multiarch: support splitting build logs for --platform
* [CI:BUILD] WIP Cleanup Image Dockerfiles
* cli remove stutter
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* Fix use generic/ambiguous DEBUG name
* Cirrus: use Ubuntu 22.04 LTS
* Fix codespell errors
* Remove util.StringInSlice because it is defined in containers/common
* buildah: add support for renaming a device in rootless setups
* squash: never use build cache when computing last step of last stage
* Update vendor of containers/(common, storage, image)
* buildkit: supports additionalBuildContext in builds via --build-context
* buildah source pull/push: show progress bar
* run: allow resuing secret twice in different RUN steps
* test helpers: default to being rootless-aware
* Add --cpp-flag flag to buildah build
* build: accept branch and subdirectory when context is git repo
* Vendor in latest containers/common
* vendor: update c/storage and c/image
* Fix gentoo install docs
* copier: move NSS load to new process
* Add test for prevention of reusing encrypted layers
* Make `buildah build --label foo` create an empty 'foo' label again

Update to version 1.26.4:

* build, multiarch: support splitting build logs for --platform
* copier: add `NoOverwriteNonDirDir` option
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* buildkit: supports additionalBuildContext in builds via --build-context
* Add --cpp-flag flag to buildah build

Update to version 1.26.3:

* define.downloadToDirectory: fail early if bad HTTP response
* add: fail on bad http response instead of writing to container
* squash: never use build cache when computing last step of last stage
* run: allow resuing secret twice in different RUN steps
* integration tests: update expected error messages
* integration tests: quote '?' in shell scripts
* Use errors.Is() to check for storage errors
* lint: inspectable is never nil
* chroot: use ActKillThread instead of ActKill
* chroot: honor DefaultErrnoRet
* Set user namespace defaults correctly for the library
* contrib/rpm/buildah.spec: fix `rpm` parser warnings

Drop requires on apparmor pattern, should be moved elsewhere
for systems which want AppArmor instead of SELinux.

- Update BuildRequires to libassuan-devel >= 2.5.2, pkgconfig file
  is required to build.

Update to version 1.26.2:

* buildah: add support for renaming a device in rootless setups

Update to version 1.26.1:

* Make `buildah build --label foo` create an empty 'foo' label again
* imagebuildah,build: move deepcopy of args before we spawn goroutine
* Vendor in containers/storage v1.40.2
* buildah.BuilderOptions.DefaultEnv is ignored, so mark it as deprecated
* help output: get more consistent about option usage text
* Handle OS version and features flags
* buildah build: --annotation and --label should remove values
* buildah build: add a --env
* buildah: deep copy options.Args before performing concurrent build/stage
* test: inline platform and builtinargs behaviour
* vendor: bump imagebuilder to master/009dbc6
* build: automatically set correct TARGETPLATFORM where expected
* Vendor in containers/(common, storage, image)
* imagebuildah, executor: process arg variables while populating baseMap
* buildkit: add support for custom build output with --output
* Cirrus: Update CI VMs to F36
* fix staticcheck linter warning for deprecated function
* Fix docs build on FreeBSD
* copier.unwrapError(): update for Go 1.16
* copier.PutOptions: add StripSetuidBit/StripSetgidBit/StripStickyBit
* copier.Put(): write to read-only directories
* Ed's periodic test cleanup
* using consistent lowercase 'invalid' word in returned err msg
* use etchosts package from c/common
* run: set actual hostname in /etc/hostname to match docker parity
* Update vendor of containers/(common,storage,image)
* manifest-create: allow creating manifest list from local image
* Update vendor of storage,common,image
* Initialize network backend before first pull
* oci spec: change special mount points for namespaces
* tests/helpers.bash: assert handle corner cases correctly
* buildah: actually use containers.conf settings
* integration tests: learn to start a dummy registry
* Fix error check to work on Podman
* buildah build should accept at most one arg
* tests: reduce concurrency for flaky bud-multiple-platform-no-run
* vendor in latest containers/common,image,storage
* manifest-add: allow override arch,variant while adding image
* Remove a stray `\` from .containerenv
* Vendor in latest opencontainers/selinux v1.10.1
* build, commit: allow removing default identity labels
* Create shorter names for containers based on image IDs
* test: skip rootless on cgroupv2 in root env
* fix hang when oci runtime fails
* Set permissions for GitHub actions
* copier test: use correct UID/GID in test archives
* run: set parent-death signals and forward SIGHUP/SIGINT/SIGTERM

Advisory ID: SUSE-SU-2022:3773-1
Released:    Wed Oct 26 12:19:29 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1204383,CVE-2022-32221
This update for curl fixes the following issues:

  - CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).

Advisory ID: SUSE-SU-2022:3775-1
Released:    Wed Oct 26 13:06:35 2022
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1177471,1185032,1194023,1196444,1197659,1199564,1200313,1200622,1201309,1201310,1201489,1201645,1201865,1201990,1202095,1202341,1202385,1202677,1202960,1202984,1203159,1203290,1203313,1203389,1203410,1203424,1203514,1203552,1203622,1203737,1203769,1203770,1203906,1203909,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125,1204289,1204290,1204291,1204292,CVE-2020-16119,CVE-2022-20008,CVE-2022-2503,CVE-2022-2586,CVE-2022-3169,CVE-2022-3239,CVE-2022-3303,CVE-2022-40768,CVE-2022-41218,CVE-2022-41222,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722

The SUSE Linux Enterprise 15 SP3 kernel was updated.

The following security bugs were fixed:

- CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory. (bnc#1203514)
- CVE-2022-3169: Fixed a denial of service flaw which occurs when consecutive requests to NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET are sent. (bnc#1203290)
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device. (bsc#1204125)
- CVE-2022-42719: Fixed MBSSID parsing use-after-free. (bsc#1204051)
- CVE-2022-42721: Avoid nontransmitted BSS list corruption. (bsc#1204060)
- CVE-2022-42720: Fixed BSS refcounting bugs. (bsc#1204059)
- CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking (bnc#1203769).
- CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c (bnc#1202960).
- CVE-2022-3239: Fixed an use-after-free in the video4linux driver that could lead a local user to able to crash the system or escalate their privileges (bnc#1203552).
- CVE-2022-41848: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl (bnc#1203987).
- CVE-2022-41849: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open (bnc#1203992).
- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the reception of specific WiFi Frames (bsc#1203770).
- CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bnc#1202095).
- CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap lock is not held during a PUD move (bnc#1203622).
- CVE-2022-2503: Fixed a bug in dm-verity, device-mapper table reloads allowed users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allowed root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates (bnc#1202677).
- CVE-2022-20008: Fixed a bug which allowed to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. (bnc#1199564)
- CVE-2020-16119: Fixed a use-after-free vulnerability exploitable by a local attacker due to reuse of a DCCP socket. (bnc#1177471)

The following non-security bugs were fixed:

- ALSA: aloop: Fix random zeros in capture data when using jiffies timer (git-fixes).
- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (git-fixes).
- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
- ALSA: seq: Fix data-race at module auto-loading (git-fixes).
- ALSA: seq: oss: Fix data-race for max_midi_devs access (git-fixes).
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (git-fixes).
- ALSA: usb-audio: fix spelling mistakes (git-fixes).
- ALSA: usb-audio: Inform the delayed registration more properly (git-fixes).
- ALSA: usb-audio: Register card again for iface over delayed_register option (git-fixes).
- ALSA: usb-audio: Split endpoint setups for hw_params and prepare (git-fixes).
- arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1 (git-fixes)
- arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes)
- arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to (bsc#1202341)
- arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id (git-fixes)
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes)
- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma (git-fixes)
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes)
- arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes)
- arm64: kexec_file: use more system keyrings to verify kernel image signature (bsc#1196444).
- arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes)
- arm64: mm: fix p?d_leaf() (git-fixes)
- arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds (git-fixes)
- arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes)
- arm64: tegra: Remove non existent Tegra194 reset (git-fixes)
- arm64: tlb: fix the TTL value of tlb_get_level (git-fixes)
- arm64/mm: Validate hotplug range before creating linear mapping (git-fixes)
- bpf: Compile out btf_parse_module() if module BTF is not enabled (git-fixes).
- cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (bsc#1203906).
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)
- crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes)
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).
- drm/gem: Fix GEM handle release errors (git-fixes).
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).
- drm/meson: Correct OSD1 global alpha value (git-fixes).
- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
- drm/radeon: add a force flush to delay work when radeon (git-fixes).
- dtb: Do not include sources in src.rpm - refer to kernel-source Same as other kernel binary packages there is no need to carry duplicate sources in dtb packages.
- efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).
- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (git-fixes).
- fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (git-fixes).
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (git-fixes).
- HID: intel-ish-hid: ishtp: Fix ishtp client sending disordered message (git-fixes).
- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).
- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
- ima: force signature verification when CONFIG_KEXEC_SIG is configured (bsc#1203737).
- Input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).
- Input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).
- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).
- JFS: fix GPF in diFree (bsc#1203389).
- JFS: fix memleak in jfs_mount (git-fixes).
- JFS: more checks for invalid superblock (git-fixes).
- JFS: prevent NULL deref in diFree (bsc#1203389).
- kABI: x86: kexec: hide new include from genksyms (bsc#1196444).
- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
- kexec: do not verify the signature without the lockdown or mandatory signature (bsc#1203737).
- kexec: drop weak attribute from arch_kexec_apply_relocations[_add] (bsc#1196444).
- kexec: drop weak attribute from functions (bsc#1196444).
- kexec: drop weak attribute from functions (bsc#1196444).
- kexec: KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).
- kexec: KEYS: s390: Make use of built-in and secondary keyring for signature verification (bsc#1196444).
- KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value (git-fixes).
- KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks (git-fixes).
- KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (git-fixes).
- md-raid10: fix KASAN warning (git-fixes).
- md: call __md_stop_writes in md_stop (git-fixes).
- md: unlock mddev before reap sync_thread in action_store (bsc#1197659).
- mm: pagewalk: Fix race between unmap and page walker (git-fixes, bsc#1203159).
- mm: proc: smaps_rollup: do not stall write attempts on mmap_lock (bsc#1201990).
- mm: smaps*: extend smap_gather_stats to support specified beginning (bsc#1201990).
- net: mana: Add rmb after checking owner bits (git-fixes).
- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
- NFS: Do not decrease the value of seq_nr_highest_sent (git-fixes).
- NFS: Fix races in the legacy idmapper upcall (git-fixes).
- NFS: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes).
- NFS: RECLAIM_COMPLETE must handle EACCES (git-fixes).
- NFSD: Fix offset type in I/O trace points (git-fixes).
- nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).
- nvme-rdma: Handle number of queue changes (bsc#1201865).
- nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).
- nvme-tcp: Handle number of queue changes (bsc#1201865).
- nvmet: Expose max queues to configfs (bsc#1201865).
- of: device: Fix up of_dma_configure_id() stub (git-fixes).
- of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).
- pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes).
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (git-fixes).
- powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544).
- powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544).
- ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
- psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1203909).
- regulator: core: Clean up on enable failure (git-fixes).
- s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607).
- s390/qeth: clean up default cases for ethtool link mode (bsc#1202984 LTC#199607).
- s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607).
- s390/qeth: improve selection of ethtool link modes (bsc#1202984 LTC#199607).
- s390/qeth: set static link info during initialization (bsc#1202984 LTC#199607).
- s390/qeth: tolerate error when querying card info (bsc#1202984 LTC#199607).
- s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607).
- scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (git-fixes).
- scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).
- scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID cases (bsc#1203939).
- scsi: lpfc: Add reporting capability for Link Degrade Signaling (bsc#1203939).
- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).
- scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload (bsc#1203939).
- scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same NPort ID (bsc#1203939).
- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).
- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (bsc#1185032 bsc#1203939).
- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd (bsc#1203939).
- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1203939).
- scsi: lpfc: Rework FDMI attribute registration for unintential padding (bsc#1203939).
- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency (bsc#1203939).
- scsi: lpfc: Update congestion mode logging for Emulex SAN Manager application (bsc#1203939).
- scsi: lpfc: Update lpfc version to (bsc#1203939).
- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status (bsc#1203935).
- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1() (bsc#1203935).
- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX (bsc#1203935).
- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).
- scsi: qla2xxx: Fix response queue handler reading stale packets (bsc#1203935).
- scsi: qla2xxx: Log message 'skipping scsi_scan_host()' as informational (bsc#1203935).
- scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).
- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
- scsi: qla2xxx: Revert 'scsi: qla2xxx: Fix response queue handler reading stale packets' (bsc#1203935).
- scsi: qla2xxx: Update version to (bsc#1203935).
- scsi: sg: Allow waiting for commands to complete on removed device (git-fixes).
- scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).
- scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).
- scsi: smartpqi: Update LUN reset handler (bsc#1200622).
- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs (git-fixes).
- squashfs: fix divide error in calculate_skip() (git-fixes).
- struct ehci_hcd: hide new member (git-fixes).
- struct otg_fsm: hide new boolean member in gap (git-fixes).
- SUNRPC: Do not call connect() more than once on a TCP socket (git-fixes).
- SUNRPC: Do not leak sockets in xs_local_connect() (git-fixes).
- SUNRPC: fix expiry of auth creds (git-fixes).
- SUNRPC: Fix misplaced barrier in call_decode (git-fixes).
- SUNRPC: Partial revert of commit 6f9f17287e78 (git-fixes).
- SUNRPC: Reinitialise the backchannel request buffers before reuse (git-fixes).
- SUNRPC: RPC level errors should set task->tk_rpc_status (git-fixes).
- svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes).
- tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).
- USB: Add ignore-residue quirk for NXP PN7462AU (git-fixes).
- USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).
- USB: core: Fix RST error in hub.c (git-fixes).
- USB: core: Prevent nested device-reset calls (git-fixes).
- USB: dwc3: disable USB core PHY management (git-fixes).
- USB: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes).
- USB: otg-fsm: Fix hrtimer list corruption (git-fixes).
- USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).
- USB: serial: ch341: fix lost character on LCR updates (git-fixes).
- USB: serial: ch341: name prescaler, divisor registers (git-fixes).
- USB: serial: cp210x: add Decagon UCA device id (git-fixes).
- USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).
- USB: serial: option: add Quectel EM060K modem (git-fixes).
- USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (git-fixes).
- USB: serial: option: add support for OPPO R11 diag port (git-fixes).
- USB: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes).
- USB: struct usb_device: hide new member (git-fixes).
- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).
- vt: Clear selection before changing the font (git-fixes).
- vt: selection, introduce vc_is_sel (git-fixes).
- watchdog: wdat_wdt: Set the min and max timeout values properly (bsc#1194023).
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (git-fixes).
- x86/bugs: Reenable retbleed=off While for older kernels the return thunks are statically built in and cannot be dynamically patched out, retbleed=off should still work so that it can be disabled.
- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
- x86/xen: Remove undefined behavior in setup_features() (git-fixes).
- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
- xprtrdma: Fix cwnd update ordering (git-fixes).

Advisory ID: SUSE-RU-2022:3776-1
Released:    Wed Oct 26 14:06:43 2022
Summary:     Recommended update for permissions
Type:        recommended
Severity:    important
References:  1203911,1204137
This update for permissions fixes the following issues:

- Revert changes that replaced ping capabilities with ICMP_PROTO sockets. Older SUSE Linux Enterprise versions don't
  properly support ICMP_PROTO sockets feature yet (bsc#1204137)
- Fix regression introduced by backport of security fix (bsc#1203911)

Advisory ID: SUSE-SU-2022:3784-1
Released:    Wed Oct 26 18:03:28 2022
Summary:     Security update for libtasn1
Type:        security
Severity:    critical
References:  1204690,CVE-2021-46848
This update for libtasn1 fixes the following issues:

- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)

Advisory ID: SUSE-SU-2022:3805-1
Released:    Thu Oct 27 17:19:46 2022
Summary:     Security update for dbus-1
Type:        security
Severity:    important
References:  1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
This update for dbus-1 fixes the following issues:

  - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).
  - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).
  - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).


  - Disable asserts (bsc#1087072).

Advisory ID: SUSE-SU-2022:3871-1
Released:    Fri Nov  4 13:26:29 2022
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1201978,1204366,1204367,CVE-2016-3709,CVE-2022-40303,CVE-2022-40304
This update for libxml2 fixes the following issues:

  - CVE-2016-3709: Fixed possible XSS vulnerability (bsc#1201978).
  - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366).
  - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).

Advisory ID: SUSE-RU-2022:3900-1
Released:    Tue Nov  8 10:47:55 2022
Summary:     Recommended update for docker
Type:        recommended
Severity:    moderate
References:  1200022
This update for docker fixes the following issues:

- Fix a crash-on-start issue with dockerd (bsc#1200022)

Advisory ID: SUSE-RU-2022:3901-1
Released:    Tue Nov  8 10:50:06 2022
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1180995,1203046
This update for openssl-1_1 fixes the following issues:

- Default to RFC7919 groups when generating ECDH parameters using 'genpkey' or 'dhparam' in FIPS mode (bsc#1180995)
- Fix memory leaks (bsc#1203046)

Advisory ID: SUSE-RU-2022:3904-1
Released:    Tue Nov  8 10:52:13 2022
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1192439
This update for openssh fixes the following issue:

- Prevent empty messages from being sent. (bsc#1192439)

Advisory ID: SUSE-RU-2022:3905-1
Released:    Tue Nov  8 12:23:17 2022
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    important
References:  1196840,1199492,1199918,1199926,1199927
This update for aaa_base and iputils fixes the following issues:


- Failures in ping for SUSE Linux Enterprise 15 and 15 SP1 due to sysctl setting for ping_group_range (bsc#1199926, bsc#1199927)
- The wrapper rootsh is not a restricted shell (bsc#1199492)


- Fix device binding on ping6 for ICMP datagram socket. (bsc#1196840, bsc#1199918, bsc#1199926, bsc#1199927)

Advisory ID: SUSE-RU-2022:3910-1
Released:    Tue Nov  8 13:05:04 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
This update for pam fixes the following issue:

- Update pam_motd to the most current version. (PED-1712)

Advisory ID: SUSE-SU-2022:3912-1
Released:    Tue Nov  8 13:38:11 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1204708,CVE-2022-43680
This update for expat fixes the following issues:

  - CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).

Advisory ID: SUSE-RU-2022:3917-1
Released:    Tue Nov  8 16:41:28 2022
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    moderate
References:  1203164,1203181
This update for python-azure-agent fixes the following issues:

- Properly set OS.EnableRDMA flag (bsc#1203181)
- Update to version (bsc#1203164)

Advisory ID: SUSE-SU-2022:3922-1
Released:    Wed Nov  9 09:03:33 2022
Summary:     Security update for protobuf
Type:        security
Severity:    important
References:  1194530,1203681,1204256,CVE-2021-22569,CVE-2022-1941,CVE-2022-3171
This update for protobuf fixes the following issues:

- CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530).
- CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681)
- CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256)
Advisory ID: SUSE-RU-2022:3927-1
Released:    Wed Nov  9 14:55:47 2022
Summary:     Recommended update for runc
Type:        recommended
Severity:    moderate
References:  1202021,1202821
This update for runc fixes the following issues:

- Update to runc v1.1.4 (bsc#1202021)
- Fix failed exec after systemctl daemon-reload (bsc#1202821)
- Fix mounting via wrong proc
- Fix 'permission denied' error from runc run on noexec filesystem

Advisory ID: SUSE-SU-2022:3947-1
Released:    Fri Nov 11 09:04:30 2022
Summary:     Security update for xen
Type:        security
Severity:    important
References:  1027519,1193923,1203806,1203807,1204482,1204485,1204487,1204488,1204489,1204490,1204494,1204496,CVE-2022-33746,CVE-2022-33747,CVE-2022-33748,CVE-2022-42309,CVE-2022-42310,CVE-2022-42311,CVE-2022-42312,CVE-2022-42313,CVE-2022-42314,CVE-2022-42315,CVE-2022-42316,CVE-2022-42317,CVE-2022-42318,CVE-2022-42319,CVE-2022-42320,CVE-2022-42321,CVE-2022-42322,CVE-2022-42323,CVE-2022-42325,CVE-2022-42326
This update for xen fixes the following issues:

- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806)
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807)
- CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
- CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
- CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487)
- CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory (bsc#1204488)
- CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489)
- CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490)
- CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494)
- CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions (bsc#1204496)
- xen: Frontends vulnerable to backends (bsc#1193923)

Advisory ID: SUSE-SU-2022:3955-1
Released:    Fri Nov 11 12:24:27 2022
Summary:     Security update for samba
Type:        security
Severity:    important
References:  1200102,1202803,1202976,CVE-2022-1615,CVE-2022-32743
This update for samba fixes the following issues:

- CVE-2022-1615: Fixed error handling in random number generation (bso#15103)(bsc#1202976).
- CVE-2022-32743: Implement validated dnsHostName write rights (bso#14833)(bsc#1202803).


- Fixed use after free when iterating smbd_server_connection->connections after tree disconnect failure (bso#15128)(bsc#1200102).

Advisory ID: SUSE-RU-2022:3961-1
Released:    Mon Nov 14 07:33:50 2022
Summary:     Recommended update for zlib
Type:        recommended
Severity:    important
References:  1203652
This update for zlib fixes the following issues:

- Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652)

Advisory ID: SUSE-RU-2022:3973-1
Released:    Mon Nov 14 15:38:25 2022
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1201959,1204211
This update for util-linux fixes the following issues:

- Fix file conflict during upgrade (bsc#1204211)
- libuuid improvements (bsc#1201959, PED-1150):
  libuuid: Fix range when parsing UUIDs.
  Improve cache handling for short running applications-increment the cache size over runtime.
  Implement continuous clock handling for time based UUIDs.
  Check clock value from clock file to provide seamless libuuid.

Advisory ID: SUSE-RU-2022:3985-1
Released:    Tue Nov 15 12:54:11 2022
	  Recommended update for python-apipkg
Type:        recommended
Severity:    moderate
References:  1204145

	  This update fixes for python3-apipkg the following issues:
Advisory ID: SUSE-SU-2022:3991-1
Released:    Tue Nov 15 13:54:13 2022
Summary:     Security update for dhcp
Type:        security
Severity:    moderate
References:  1203988,1203989,CVE-2022-2928,CVE-2022-2929
This update for dhcp fixes the following issues:

  - CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988).
  - CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989).

Advisory ID: SUSE-RU-2022:4020-1
Released:    Wed Nov 16 15:45:13 2022
Summary:     Recommended update for nfs-utils
Type:        recommended
Severity:    moderate
References:  1199856,1202627
This update for nfs-utils fixes the following issues:

- Fix nfsdcltrack bug that affected non-x86 archs (bsc#1202627)
- Ensure sysctl setting work (bsc#1199856)

Advisory ID: SUSE-SU-2022:4044-1
Released:    Thu Nov 17 09:07:24 2022
Summary:     Security update for python-cryptography, python-cryptography-vectors
Type:        security
Severity:    important
References:  1101820,1149792,1176785,1177083,CVE-2018-10903
This update for python-cryptography, python-cryptography-vectors fixes the following issues:

- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Refresh patches for new version
- Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2
  * 2.9.2 - 2020-04-22
    - Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.
  * 2.9.1 - 2020-04-21
    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.
  * 2.9 - 2020-04-02
    - BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to
      low usage and maintenance burden.
    - BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
      Users on older version of OpenSSL will need to upgrade.
    - BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
    - Removed support for calling public_bytes() with no arguments, as per 
      our deprecation policy. You must now pass encoding and format.
    - BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
      returns the RDNs as required by RFC 4514.
    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.
    - Added support for parsing single_extensions in an OCSP response.
    - NameAttribute values can now be empty strings.

- Add openSSL_111d.patch to make this version of the package
  compatible with OpenSSL 1.1.1d, thus fixing bsc#1149792.

- bsc#1101820 CVE-2018-10903 GCM tag forgery via truncated tag in
  finalize_with_tag API
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2:
  * updated vectors for the cryptography 2.9.2 testing

Advisory ID: SUSE-SU-2022:4053-1
Released:    Thu Nov 17 15:35:55 2022
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1032323,1065729,1152489,1198702,1200465,1200788,1201725,1202638,1202686,1202700,1203066,1203098,1203387,1203391,1203496,1203802,1204053,1204166,1204168,1204354,1204355,1204382,1204402,1204415,1204417,1204431,1204439,1204470,1204479,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204653,1204728,1204753,1204754,CVE-2021-4037,CVE-2022-2153,CVE-2022-2964,CVE-2022-2978,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3625,CVE-2022-3629,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-39189,CVE-2022-42703,CVE-2022-43750

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE (bnc#1203391).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bnc#1204354).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device driver that could lead to local privilege escalation or DoS (bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in devlink_param_set()/devlink_param_get() in net/core/devlink.c (bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow unprivileged guest users to compromise the guest kernel via TLB flush operations on preempted vCPU (bnc#1203066).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bnc#1204653).

The following non-security bugs were fixed:

- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak (git-fixes).
- ACPI: HMAT: Release platform device in case of platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: processor idle: Practically limit 'Dummy wait' workaround to old Intel systems (bnc#1203802).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() (git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() (git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation (git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 (git-fixes).
- ALSA: hda/sigmatel: Fix unused variable warning for beep power change (git-fixes).
- ALSA: hda/sigmatel: Keep power up while beep is enabled (git-fixes).
- ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API (git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe (git-fixes).
- ASoC: nau8824: Fix semaphore unbalance at error paths (git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: tas2770: Reinit regcache on reset (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() (git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly (git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (git-fixes).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes)
- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- IB/core: Only update PKEY and GID caches on respective events (git-fixes)
- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() (git-fixes)
- IB/mlx4: Add support for REJ due to timeout (git-fixes)
- IB/mlx4: Use port iterator and validation APIs (git-fixes)
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
- IB/srpt: Remove redundant assignment to ret (git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend (git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested 'exit' (git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- KVM: s390: clear kicked_mask before sleeping again (git-fixes).
- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu (git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
- KVM: s390: split kvm_s390_real_to_abs (git-fixes).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility (git-fixes).
- PCI: Dynamically map ECAM regions (bsc#1204382).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states (git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests (git-fixes)
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
- RDMA/cxgb4: Remove MW support (git-fixes)
- RDMA/efa: Free IRQ vectors on error flow (git-fixes)
- RDMA/efa: Remove double QP type assignment (git-fixes)
- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP (git-fixes)
- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/iwcm: Release resources if iw_cm module initialization fails (git-fixes)
- RDMA/mlx4: Return missed an error if device does not support steering (git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)
- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes)
- RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled (git-fixes)
- RDMA/mlx5: Set user priority for DCT (git-fixes)
- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create() (git-fixes)
- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL (git-fixes)
- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- RDMA/rxe: Fix 'kernel NULL pointer dereference' error (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- RDMA/rxe: Fix failure during driver load (git-fixes)
- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
- RDMA/rxe: Remove unused pkt->offset (git-fixes)
- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string (git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
- RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: Verify port when creating flow rule (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- Revert 'drivers/video/backlight/platform_lcd.c: add support for (bsc#1152489)
- Revert 'drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time' (git-fixes).
- Revert 'usb: add quirks for Lenovo OneLink+ Dock' (git-fixes).
- Revert 'usb: storage: Add quirk for Samsung Fit flash' (git-fixes).
- Revert 'usb: storage: Add quirk for Samsung Fit flash' (git-fixes).
- USB: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number (git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion (git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration (git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks (git-fixes).
- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent (git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents (git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe (git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate (git-fixes).
- crypto: akcipher - default implementation for setting a private key (git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister (git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property (git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amd/display: Limit user regamma to a valid value (git-fixes).
- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() (git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() (git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer (git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset (git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053 bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups (git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() (git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction (git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in hidpp_connect_event (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI (git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch (git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq (git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap (git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 (jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall (git-fixes).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 (git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup (git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: aspeed-video: ignore interrupts that are not enabled (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- media: coda: Fix reported H264 profile (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values (git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' (git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init (git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() (git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq() (git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection (bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page (bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card (git-fixes).
- mmc: core: Replace with already defined values for readability (git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() (git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config (git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() (git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).
- padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).
- parisc/sticon: fix reverse colors (bsc#1152489) Backporting notes: 	* context changes
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)
- phy: qualcomm: call clk_disable_unprepare in the error handling (git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback (git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback (git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering (git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() (git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728 ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h (bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs() (bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes (bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (git-fixes).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() (git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask() (git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465 ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware (git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node' (git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
- soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe (git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() (git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() (git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu (git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (git-fixes).
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c (git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() (git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: typec: ucsi: Remove incorrect warning (git-fixes).
- usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).
- usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).
- usb: xhci-mtk: add some schedule error number (git-fixes).
- usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).
- usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure (git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level (git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh (git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask (git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() (git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation (git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387).
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+ (bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).

Advisory ID: SUSE-SU-2022:4056-1
Released:    Thu Nov 17 15:38:08 2022
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1204179,1204968,CVE-2022-3821
This update for systemd fixes the following issues:

- CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968).

- Import commit 56bee38fd0da18dad5fc5c5d12c02238a22b50e2
  * 8a70235d8a core: Add trigger limit for path units
  * 93e544f3a0 core/mount: also add default before dependency for automount mount units
  * 5916a7748c logind: fix crash in logind on user-specified message string

- Document udev naming scheme (bsc#1204179).

Advisory ID: SUSE-RU-2022:4066-1
Released:    Fri Nov 18 10:43:00 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1177460,1202324,1204649,1205156
This update for timezone fixes the following issues:

Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156):

- Mexico will no longer observe DST except near the US border
- Chihuahua moves to year-round -06 on 2022-10-30
- Fiji no longer observes DST
- In vanguard form, GMT is now a Zone and Etc/GMT a link
- zic now supports links to links, and vanguard form uses this
- Simplify four Ontario zones
- Fix a Y2438 bug when reading TZif data
- Enable 64-bit time_t on 32-bit glibc platforms
- Omit large-file support when no longer needed
- Jordan and Syria switch from +02/+03 with DST to year-round +03
- Palestine transitions are now Saturdays at 02:00
- Simplify three Ukraine zones into one
- Improve tzselect on intercontinental Zones
- Chile's DST is delayed by a week in September 2022 (bsc#1202324)
- Iran no longer observes DST after 2022
- Rename Europe/Kiev to Europe/Kyiv
- New `zic -R` command option
- Vanguard form now uses %z

Advisory ID: SUSE-SU-2022:4077-1
Released:    Fri Nov 18 15:05:28 2022
Summary:     Security update for sudo
Type:        security
Severity:    important
References:  1190818,1203201,1204986,CVE-2022-43995
This update for sudo fixes the following issues:

- CVE-2022-43995: Fixed a potential heap-based buffer over-read when entering a passwor dof seven characters or fewer and using the crypt() password backend (bsc#1204986).

- Fix wrong information output in the error message (bsc#1190818).
- Make sure SIGCHLD is not ignored when sudo is executed; fixes race condition (bsc#1203201).

Advisory ID: SUSE-SU-2022:4081-1
Released:    Fri Nov 18 15:40:46 2022
Summary:     Security update for dpkg
Type:        security
Severity:    low
References:  1199944,CVE-2022-1664
This update for dpkg fixes the following issues:

- CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive (bsc#1199944).

The following package changes have been done:

- bind-utils-9.16.6-150300.22.21.2 updated
- curl-7.66.0-150200.4.42.1 updated
- dbus-1-1.12.2-150100.8.14.1 updated
- dhcp-client-4.3.6.P1-150000.6.17.1 updated
- dhcp-4.3.6.P1-150000.6.17.1 updated
- docker-20.10.17_ce-150000.169.1 updated
- iputils-s20161105-150000.8.6.1 updated
- kernel-default-5.3.18-150300.59.101.1 updated
- libbind9-1600-9.16.6-150300.22.21.2 updated
- libblkid1-2.36.2-150300.4.28.1 updated
- libcurl4-7.66.0-150200.4.42.1 updated
- libdbus-1-3-1.12.2-150100.8.14.1 updated
- libdns1605-9.16.6-150300.22.21.2 updated
- libexpat1-2.2.5-150000.3.25.1 updated
- libfdisk1-2.36.2-150300.4.28.1 updated
- libgpg-error0-1.42-150300.9.3.1 updated
- libirs1601-9.16.6-150300.22.21.2 updated
- libisc1606-9.16.6-150300.22.21.2 updated
- libisccc1600-9.16.6-150300.22.21.2 updated
- libisccfg1600-9.16.6-150300.22.21.2 updated
- libksba8-1.3.5-150000.4.3.1 updated
- libmount1-2.36.2-150300.4.28.1 updated
- libns1604-9.16.6-150300.22.21.2 updated
- libopenssl1_1-1.1.1d-150200.11.54.1 updated
- libprotobuf-lite20-3.9.2-150200.4.19.2 updated
- libsmartcols1-2.36.2-150300.4.28.1 updated
- libsystemd0-246.16-150300.7.54.1 updated
- libtasn1-6-4.13-150000.4.8.1 updated
- libtasn1-4.13-150000.4.8.1 updated
- libudev1-246.16-150300.7.54.1 updated
- libuuid1-2.36.2-150300.4.28.1 updated
- libxml2-2-2.9.7-150000.3.51.1 updated
- libz1-1.2.11-150000.3.36.1 updated
- nfs-client-2.1.1-150100.10.27.1 updated
- openssh-clients-8.4p1-150300.3.12.2 updated
- openssh-common-8.4p1-150300.3.12.2 updated
- openssh-server-8.4p1-150300.3.12.2 updated
- openssh-8.4p1-150300.3.12.2 updated
- openssl-1_1-1.1.1d-150200.11.54.1 updated
- pam-1.3.0-150000.6.61.1 updated
- permissions-20181225-150200.23.20.1 updated
- python-azure-agent- updated
- python3-apipkg-1.4-150000.3.4.1 updated
- python3-bind-9.16.6-150300.22.21.2 updated
- python3-cryptography-2.9.2-150200.13.1 updated
- python3-iniconfig-1.1.1-150000.1.9.1 updated
- runc-1.1.4-150000.36.1 updated
- samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2 updated
- sudo-1.9.5p2-150300.3.13.1 updated
- systemd-sysvinit-246.16-150300.7.54.1 updated
- systemd-246.16-150300.7.54.1 updated
- timezone-2022f-150000.75.15.1 updated
- udev-246.16-150300.7.54.1 updated
- update-alternatives- updated
- util-linux-systemd-2.36.2-150300.4.28.1 updated
- util-linux-2.36.2-150300.4.28.1 updated
- xen-libs-4.14.5_08-150300.3.40.1 updated

More information about the sle-security-updates mailing list