SUSE-SU-2023:1802-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Apr 10 12:31:54 UTC 2023
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:1802-1
Rating: important
References:
* #1065729
* #1109158
* #1189998
* #1193629
* #1194869
* #1198400
* #1203200
* #1206552
* #1207168
* #1207185
* #1207574
* #1208602
* #1208815
* #1208902
* #1209052
* #1209118
* #1209256
* #1209290
* #1209292
* #1209366
* #1209532
* #1209547
* #1209556
* #1209600
* #1209634
* #1209635
* #1209636
* #1209681
* #1209684
* #1209779
* #1209788
* #1209798
* #1209799
* #1209804
* #1209805
* #1210050
Cross-References:
* CVE-2017-5753
* CVE-2022-4744
* CVE-2023-0394
* CVE-2023-1281
* CVE-2023-1513
* CVE-2023-1582
* CVE-2023-1637
* CVE-2023-1652
* CVE-2023-28327
* CVE-2023-28464
* CVE-2023-28466
CVSS scores:
* CVE-2017-5753 ( SUSE ): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( NVD ): 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0394 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1281 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1281 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1513 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-1513 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-1637 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-1637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-1652 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1652 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28464 ( SUSE ): 4.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-28464 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28466 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28466 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 11 vulnerabilities and has 25 fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
* CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2023-0394: Fixed NULL pointer dereference that could lead to a system
crash in rawv6_push_pending_frames in net/ipv6/raw.c (bsc#1207168).
* CVE-2023-1281: Fixed use after free that could lead to privilege escalation
in tcindex (bsc#1209634).
* CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs
structure that could be copied to userspace, causing an information leak
(bsc#1209532).
* CVE-2023-1582: Fixed soft lockup in __page_mapcount (bsc#1209636).
* CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to
CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
* CVE-2023-1652: Fixed use-after-free that could lead to DoS and information
leak in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (bsc#1209788).
* CVE-2023-28327: Fixed DoS in in_skb in unix_diag_get_exact() (bsc#1209290).
* CVE-2023-28464: Fixed user-after-free that could lead to privilege
escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
* CVE-2023-28466: Fixed race condition that could lead to use-after-free or
NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c
(bsc#1209366).
The following non-security bugs were fixed:
* ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable (git-
fixes).
* ALSA: hda/conexant: Partial revert of a quirk for Lenovo (git-fixes).
* ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z (git-fixes).
* ALSA: hda/realtek: Add quirks for some Clevo laptops (git-fixes).
* ALSA: hda/realtek: Fix support for Dell Precision 3260 (git-fixes).
* ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro (git-
fixes).
* ALSA: hda: intel-dsp-config: add MTL PCI id (git-fixes).
* ALSA: usb-audio: Fix recursive locking at XRUN during syncing (git-fixes).
* ALSA: usb-audio: Fix regression on detection of Roland VS-100 (git-fixes).
* ALSA: ymfpci: Fix BUG_ON in probe function (git-fixes).
* ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl (git-fixes).
* ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl (git-fixes).
* Bluetooth: L2CAP: Fix responding with wrong PDU type (git-fixes).
* Bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-
fixes).
* Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished
work (git-fixes).
* Fix error path in pci-hyperv to unlock the mutex state_lock
* HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded (git-
fixes).
* HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (git-
fixes).
* Input: alps - fix compatibility with -funsigned-char (bsc#1209805).
* KVM: x86: fix sending PV IPI (git-fixes).
* Makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
* NFSv4: Fix hangs when recovering open state after a server reboot (git-
fixes).
* PCI/DPC: Await readiness of secondary bus after reset (git-fixes).
* PCI: hv: Add a per-bus mutex state_lock (bsc#1207185).
* PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic
(bsc#1207185).
* PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
(bsc#1207185).
* PCI: hv: Use async probing to reduce boot time (bsc#1207185).
* PCI: hv: fix a race condition bug in hv_pci_query_relations() (bsc#1207185).
* Revert "Makefile: link with -z noexecstack --no-warn-rwx-segments"
(bsc#1209798)
* Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally"
(bsc#1207185).
* Revert "Revert "Makefile: link with -z noexecstack --no-warn-rwx-segments"
(bsc#1209798)"
* Revert "Revert "x86: link vdso and boot with -z noexecstack" (bsc#1209798)
* Revert "x86: link vdso and boot with -z noexecstack" (bsc#1209798)
* USB: cdns3: Fix issue with using incorrect PCI device function (git-fixes).
* USB: cdnsp: Fixes issue with redundant Status Stage (git-fixes).
* USB: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver (git-
fixes).
* USB: chipdea: core: fix return -EINVAL if request role is the same with
current role (git-fixes).
* USB: chipidea: fix memory leak with using debugfs_lookup() (git-fixes).
* USB: dwc2: fix a devres leak in hw_enable upon suspend resume (git-fixes).
* USB: dwc3: Fix a typo in field name (git-fixes).
* USB: dwc3: gadget: Add 1ms delay after end transfer command without IOC
(git-fixes).
* USB: fotg210: fix memory leak with using debugfs_lookup() (git-fixes).
* USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() (git-
fixes).
* USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() (git-
fixes).
* USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() (git-
fixes).
* USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() (git-
fixes).
* USB: gadget: u_audio: do not let userspace block driver unbind (git-fixes).
* USB: isp116x: fix memory leak with using debugfs_lookup() (git-fixes).
* USB: isp1362: fix memory leak with using debugfs_lookup() (git-fixes).
* USB: sl811: fix memory leak with using debugfs_lookup() (git-fixes).
* USB: typec: tcpm: fix warning when handle discover_identity message (git-
fixes).
* USB: ucsi: Fix NULL pointer deref in ucsi_connector_change() (git-fixes).
* USB: uhci: fix memory leak with using debugfs_lookup() (git-fixes).
* arch: fix broken BuildID for arm64 and riscv (bsc#1209798).
* arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)
* arm64: dts: freescale: Fix pca954x i2c-mux node names (git-fixes)
* arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name (git-fixes).
* arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes (git-fixes).
* arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property (git-fixes)
* arm64: dts: imx8mp: correct usb clocks (git-fixes)
* arm64: dts: imx8mq: add mipi csi phy and csi bridge descriptions (git-fixes)
* arm64: dts: imx8mq: fix mipi_csi bidirectional port numbers (git-fixes)
* arm64: dts: qcom: sm8350: Mark UFS controller as cache coherent (git-fixes).
* atm: idt77252: fix kmemleak when rmmod idt77252 (git-fixes).
* ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() (git-
fixes).
* ca8210: fix mac_len negative array access (git-fixes).
* can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write (git-fixes).
* cifs: Fix smb2_set_path_size() (git-fixes).
* cifs: Move the in_send statistic to __smb_send_rqst() (git-fixes).
* cifs: append path to open_enter trace event (bsc#1193629).
* cifs: avoid race conditions with parallel reconnects (bsc#1193629).
* cifs: avoid races in parallel reconnects in smb1 (bsc#1193629).
* cifs: check only tcon status on tcon related functions (bsc#1193629).
* cifs: do not poll server interfaces too regularly (bsc#1193629).
* cifs: dump pending mids for all channels in DebugData (bsc#1193629).
* cifs: empty interface list when server does not support query interfaces
(bsc#1193629).
* cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL (bsc#1193629).
* cifs: fix dentry lookups in directory handle cache (bsc#1193629).
* cifs: fix missing unload_nls() in smb2_reconnect() (bsc#1193629).
* cifs: fix use-after-free bug in refresh_cache_worker() (bsc#1193629).
* cifs: generate signkey for the channel that's reconnecting (bsc#1193629).
* cifs: get rid of dead check in smb2_reconnect() (bsc#1193629).
* cifs: lock chan_lock outside match_session (bsc#1193629).
* cifs: prevent infinite recursion in CIFSGetDFSRefer() (bsc#1193629).
* cifs: print session id while listing open files (bsc#1193629).
* cifs: return DFS root session id in DebugData (bsc#1193629).
* cifs: set DFS root session in cifs_get_smb_ses() (bsc#1193629).
* cifs: use DFS root session instead of tcon ses (bsc#1193629).
* drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
(bsc#1208815).
* drivers/base: fix userspace break from using bin_attributes for cpumap and
cpulist (bsc#1208815).
* drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes (git-
fixes).
* drm/amdkfd: Fix an illegal memory access (git-fixes).
* drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found (git-fixes).
* drm/i915/active: Fix missing debug object activation (git-fixes).
* drm/i915/active: Fix misuse of non-idle barriers as fence trackers (git-
fixes).
* drm/i915/display/psr: Handle plane and pipe restrictions at every page flip
(git-fixes).
* drm/i915/display/psr: Use drm damage helpers to calculate plane damaged area
(git-fixes).
* drm/i915/display: Workaround cursor left overs with PSR2 selective fetch
enabled (git-fixes).
* drm/i915/display: clean up comments (git-fixes).
* drm/i915/gt: perform uc late init after probe error injection (git-fixes).
* drm/i915/psr: Use calculated io and fast wake lines (git-fixes).
* drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state (git-fixes).
* drm/i915: Do not use BAR mappings for ring buffers with LLC (git-fixes).
* drm/i915: Do not use stolen memory for ring buffers with LLC (git-fixes).
* drm/i915: Preserve crtc_state->inherited during state clearing (git-fixes).
* drm/i915: Remove unused bits of i915_vma/active api (git-fixes).
* efi: sysfb_efi: Fix DMI quirks not working for simpledrm (git-fixes).
* fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks (git-
fixes).
* firmware: arm_scmi: Fix device node validation for mailbox transport (git-
fixes).
* hwmon: fix potential sensor registration fail if of_node is missing (git-
fixes).
* i2c: hisi: Only use the completion interrupt to finish the transfer (git-
fixes).
* i2c: imx-lpi2c: check only for enabled interrupt flags (git-fixes).
* i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (git-
fixes).
* kABI: x86/msr: Remove .fixup usage (kabi).
* kconfig: Update config changed flag before calling callback (git-fixes).
* lan78xx: Add missing return code checks (git-fixes).
* lan78xx: Fix exception on link speed change (git-fixes).
* lan78xx: Fix memory allocation bug (git-fixes).
* lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
* lan78xx: Fix race condition in disconnect handling (git-fixes).
* lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
* lan78xx: Fix white space and style issues (git-fixes).
* lan78xx: Remove unused pause frame queue (git-fixes).
* lan78xx: Remove unused timer (git-fixes).
* lan78xx: Set flow control threshold to prevent packet loss (git-fixes).
* lockd: set file_lock start and end when decoding nlm4 testargs (git-fixes).
* locking/rwbase: Mitigate indefinite writer starvation (bsc#1189998
(PREEMPT_RT prerequisite backports), bsc#1206552).
* mm: memcg: fix swapcached stat accounting (bsc#1209804).
* mmc: atmel-mci: fix race between stop command and start of next command
(git-fixes).
* mtd: rawnand: meson: invalidate cache on polling ECC bit (git-fixes).
* net: asix: fix modprobe "sysfs: cannot create duplicate filename" (git-
fixes).
* net: mdio: thunder: Add missing fwnode_handle_put() (git-fixes).
* net: phy: Ensure state transitions are processed from phy_stop() (git-
fixes).
* net: phy: dp83869: fix default value for tx-/rx-internal-delay (git-fixes).
* net: phy: nxp-c45-tja11xx: fix MII_BASIC_CONFIG_REV bit (git-fixes).
* net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
(git-fixes).
* net: qcom/emac: Fix use after free bug in emac_remove due to race condition
(git-fixes).
* net: usb: asix: remove redundant assignment to variable reg (git-fixes).
* net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 (git-fixes).
* net: usb: lan78xx: Limit packet length to skb->len (git-fixes).
* net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
* net: usb: smsc95xx: Limit packet length to skb->len (git-fixes).
* net: usb: use eth_hw_addr_set() (git-fixes).
* nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() (git-fixes).
* nvme-tcp: always fail a request when sending it failed (bsc#1208902).
* pinctrl: amd: Disable and mask interrupts on resume (git-fixes).
* pinctrl: at91-pio4: fix domain name assignment (git-fixes).
* pinctrl: ocelot: Fix alt mode for ocelot (git-fixes).
* platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl (git-
fixes).
* platform/x86/intel/pmc: Alder Lake PCH slp_s0_residency fix (git-fixes).
* platform/x86: think-lmi: Add possible_values for ThinkStation (git-fixes).
* platform/x86: think-lmi: Certificate authentication support (bsc#1210050).
* platform/x86: think-lmi: Move kobject_init() call into tlmi_create_auth()
(bsc#1210050).
* platform/x86: think-lmi: Opcode support (bsc#1210050).
* platform/x86: think-lmi: Prevent underflow in index_store() (bsc#1210050).
* platform/x86: think-lmi: Simplify tlmi_analyze() error handling a bit
(bsc#1210050).
* platform/x86: think-lmi: Use min_t() for comparison and assignment
(bsc#1210050).
* platform/x86: think-lmi: add debug_cmd (bsc#1210050).
* platform/x86: think-lmi: add missing type attribute (git-fixes).
* platform/x86: think-lmi: certificate support clean ups (bsc#1210050).
* platform/x86: think-lmi: only display possible_values if available (git-
fixes).
* platform/x86: think-lmi: use correct possible_values delimiters (git-fixes).
* platform/x86: thinkpad-acpi: Add support for automatic mode transitions
(bsc#1210050).
* platform/x86: thinkpad-acpi: Enable AMT by default on supported systems
(bsc#1210050).
* platform/x86: thinkpad-acpi: profile capabilities as integer (bsc#1210050).
* platform/x86: thinkpad_acpi: Accept ibm_init_struct.init() returning -ENODEV
(bsc#1210050).
* platform/x86: thinkpad_acpi: Add LED_RETAIN_AT_SHUTDOWN to led_class_devs
(bsc#1210050).
* platform/x86: thinkpad_acpi: Add PSC mode support (bsc#1210050).
* platform/x86: thinkpad_acpi: Add a s2idle resume quirk for a number of
laptops (bsc#1210050).
* platform/x86: thinkpad_acpi: Add dual fan probe (bsc#1210050).
* platform/x86: thinkpad_acpi: Add dual-fan quirk for T15g (2nd gen)
(bsc#1210050).
* platform/x86: thinkpad_acpi: Add hotkey_notify_extended_hotkey() helper
(bsc#1210050).
* platform/x86: thinkpad_acpi: Add lid_logo_dot to the list of safe LEDs
(bsc#1210050).
* platform/x86: thinkpad_acpi: Add quirk for ThinkPads without a fan
(bsc#1210050).
* platform/x86: thinkpad_acpi: Cleanup dytc_profile_available (bsc#1210050).
* platform/x86: thinkpad_acpi: Convert btusb DMI list to quirks (bsc#1210050).
* platform/x86: thinkpad_acpi: Convert platform driver to use dev_groups
(bsc#1210050).
* platform/x86: thinkpad_acpi: Correct dual fan probe (bsc#1210050).
* platform/x86: thinkpad_acpi: Do not use test_bit on an integer
(bsc#1210050).
* platform/x86: thinkpad_acpi: Enable s2idle quirk for 21A1 machine type
(bsc#1210050).
* platform/x86: thinkpad_acpi: Explicitly set to balanced mode on startup
(bsc#1210050).
* platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource
(bsc#1210050).
* platform/x86: thinkpad_acpi: Fix coccinelle warnings (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix compiler warning about uninitialized err
variable (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix incorrect use of platform profile on AMD
platforms (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix max_brightness of thinklight (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix profile mode display in AMT mode
(bsc#1210050).
* platform/x86: thinkpad_acpi: Fix profile modes on Intel platforms
(bsc#1210050).
* platform/x86: thinkpad_acpi: Fix reporting a non present second fan on some
models (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix the hwmon sysfs-attr showing up in the
wrong place (bsc#1210050).
* platform/x86: thinkpad_acpi: Fix thermal_temp_input_attr sorting
(bsc#1210050).
* platform/x86: thinkpad_acpi: Fix thinklight LED brightness returning 255
(bsc#1210050).
* platform/x86: thinkpad_acpi: Get privacy-screen / lcdshadow ACPI handles
only once (bsc#1210050).
* platform/x86: thinkpad_acpi: Make *_init() functions return -ENODEV instead
of 1 (bsc#1210050).
* platform/x86: thinkpad_acpi: Properly indent code in
tpacpi_dytc_profile_init() (bsc#1210050).
* platform/x86: thinkpad_acpi: Register tpacpi_pdriver after subdriver init
(bsc#1210050).
* platform/x86: thinkpad_acpi: Remove "goto err_exit" from hotkey_init()
(bsc#1210050).
* platform/x86: thinkpad_acpi: Remove unused sensors_pdev_attrs_registered
flag (bsc#1210050).
* platform/x86: thinkpad_acpi: Restore missing hotkey_tablet_mode and
hotkey_radio_sw sysfs-attr (bsc#1210050).
* platform/x86: thinkpad_acpi: Simplify dytc_version handling (bsc#1210050).
* platform/x86: thinkpad_acpi: Switch to common use of attributes
(bsc#1210050).
* platform/x86: thinkpad_acpi: Use backlight helper (bsc#1210050).
* platform/x86: thinkpad_acpi: clean up dytc profile convert (bsc#1210050).
* platform/x86: thinkpad_acpi: consistently check fan_get_status return
(bsc#1210050).
* platform/x86: thinkpad_acpi: do not use PSC mode on Intel platforms
(bsc#1210050).
* platform/x86: thinkpad_acpi: tpacpi_attr_group contains driver attributes
not device attrs (bsc#1210050).
* platform/x86: thinkpad_acpi: use strstarts() (bsc#1210050).
* power: supply: da9150: Fix use after free bug in da9150_charger_remove due
to race condition (git-fixes).
* powerpc/64s/interrupt: Fix interrupt exit race with security mitigation
switch (bsc#1194869).
* powerpc/btext: add missing of_node_put (bsc#1065729).
* powerpc/ioda/iommu/debugfs: Generate unique debugfs entries (bsc#1194869).
* powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
(bsc#1194869).
* powerpc/iommu: fix memory leak with using debugfs_lookup() (bsc#1194869).
* powerpc/kcsan: Exclude udelay to prevent recursive instrumentation
(bsc#1194869).
* powerpc/kexec_file: fix implicit decl error (bsc#1194869).
* powerpc/powernv/ioda: Skip unallocated resources when mapping to PE
(bsc#1065729).
* powerpc/powernv: fix missing of_node_put in uv_init() (bsc#1194869).
* powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158
ltc#169177 git-fixes).
* powerpc/pseries/lparcfg: add missing RTAS retry status handling
(bsc#1065729).
* powerpc/rtas: ensure 4KB alignment for rtas_data_buf (bsc#1065729).
* powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT (bsc#1194869).
* powerpc/vmlinux.lds: Do not discard .comment (bsc#1194869).
* powerpc/vmlinux.lds: Do not discard .rela* for relocatable builds
(bsc#1194869).
* powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds (bsc#1194869).
* powerpc: Remove linker flag from KBUILD_AFLAGS (bsc#1194869).
* r8169: fix RTL8168H and RTL8107E rx crc error (git-fixes).
* regulator: Handle deferred clk (git-fixes).
* remove "PCI: hv: Use async probing to reduce boot time" (bsc#1207185).
* rpm/config.sh: Disable DT build. This setting has been ignored for non-
default variants so far.
* rpm/constraints.in: increase the disk size for armv6/7 to 24GB It grows and
the build fails recently on SLE15-SP4/5.
* s390/boot: simplify and fix kernel memory layout setup (bsc#1209600).
* s390/dasd: fix no record found for raw_track_access (bsc#1207574).
* s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).
* sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).
* sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1209799).
* scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292
bsc#1209684 bsc#1209556).
* sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
(bsc#1208602, git-fixes).
* serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it (git-
fixes).
* serial: 8250: SERIAL_8250_ASPEED_VUART should depend on ARCH_ASPEED (git-
fixes).
* serial: fsl_lpuart: Fix comment typo (git-fixes).
* smb3: fix unusable share after force unmount failure (bsc#1193629).
* smb3: lower default deferred close timeout to address perf regression
(bsc#1193629).
* thunderbolt: Add missing UNSET_INBOUND_SBTX for retimer access (git-fixes).
* thunderbolt: Call tb_check_quirks() after initializing adapters (git-fixes).
* thunderbolt: Disable interrupt auto clear for rings (git-fixes).
* thunderbolt: Rename shadowed variables bit to interrupt_bit and
auto_clear_bit (git-fixes).
* thunderbolt: Use const qualifier for `ring_interrupt_index` (git-fixes).
* thunderbolt: Use scale field when allocating USB3 bandwidth (git-fixes).
* tty: serial: fsl_lpuart: skip waiting for transmission complete when
UARTCTRL_SBK is asserted (git-fixes).
* uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).
* vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready (git-
fixes).
* wifi: mac80211: fix qos on mesh interfaces (git-fixes).
* x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).
* x86/fpu/xsave: Handle compacted offsets correctly with supervisor states
(git-fixes).
* x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
* x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
* x86/fpu: Cache xfeature flags from CPUID (git-fixes).
* x86/fpu: Remove unused supervisor only offsets (git-fixes).
* x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
* x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
* x86/mce: Allow instrumentation during task work queueing (git-fixes).
* x86/mce: Mark mce_end() noinstr (git-fixes).
* x86/mce: Mark mce_panic() noinstr (git-fixes).
* x86/mce: Mark mce_read_aux() noinstr (git-fixes).
* x86/mm: Flush global TLB when switching to trampoline page-table (git-
fixes).
* x86/msr: Remove .fixup usage (git-fixes).
* x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
* x86/sgx: Silence softlockup detection when releasing large enclaves (git-
fixes).
* x86/uaccess: Move variable into switch case statement (git-fixes).
* x86: Annotate call_on_stack() (git-fixes).
* x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
(bsc#1203200).
* xfs: convert ptag flags to unsigned (git-fixes).
* xfs: do not assert fail on perag references on teardown (git-fixes).
* xfs: do not leak btree cursor when insrec fails after a split (git-fixes).
* xfs: pass the correct cursor to xfs_iomap_prealloc_size (git-fixes).
* xfs: remove xfs_setattr_time() declaration (git-fixes).
* xfs: zero inode fork buffer at allocation (git-fixes).
* xirc2ps_cs: Fix use after free bug in xirc2ps_detach (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-1802=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-1802=1
## Package List:
* openSUSE Leap 15.4 (aarch64 x86_64)
* ocfs2-kmp-azure-5.14.21-150400.14.43.1
* kselftests-kmp-azure-5.14.21-150400.14.43.1
* kernel-azure-optional-debuginfo-5.14.21-150400.14.43.1
* dlm-kmp-azure-5.14.21-150400.14.43.1
* kernel-azure-debugsource-5.14.21-150400.14.43.1
* kernel-azure-devel-5.14.21-150400.14.43.1
* kernel-azure-livepatch-devel-5.14.21-150400.14.43.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* reiserfs-kmp-azure-5.14.21-150400.14.43.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.43.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* kernel-azure-extra-debuginfo-5.14.21-150400.14.43.1
* kernel-azure-extra-5.14.21-150400.14.43.1
* kselftests-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* kernel-azure-debuginfo-5.14.21-150400.14.43.1
* kernel-syms-azure-5.14.21-150400.14.43.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* gfs2-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* gfs2-kmp-azure-5.14.21-150400.14.43.1
* dlm-kmp-azure-debuginfo-5.14.21-150400.14.43.1
* kernel-azure-optional-5.14.21-150400.14.43.1
* cluster-md-kmp-azure-5.14.21-150400.14.43.1
* openSUSE Leap 15.4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.43.1
* openSUSE Leap 15.4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.43.1
* kernel-source-azure-5.14.21-150400.14.43.1
* Public Cloud Module 15-SP4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.43.1
* Public Cloud Module 15-SP4 (aarch64 x86_64)
* kernel-azure-debuginfo-5.14.21-150400.14.43.1
* kernel-syms-azure-5.14.21-150400.14.43.1
* kernel-azure-debugsource-5.14.21-150400.14.43.1
* kernel-azure-devel-5.14.21-150400.14.43.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.43.1
* Public Cloud Module 15-SP4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.43.1
* kernel-source-azure-5.14.21-150400.14.43.1
## References:
* https://www.suse.com/security/cve/CVE-2017-5753.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2023-0394.html
* https://www.suse.com/security/cve/CVE-2023-1281.html
* https://www.suse.com/security/cve/CVE-2023-1513.html
* https://www.suse.com/security/cve/CVE-2023-1582.html
* https://www.suse.com/security/cve/CVE-2023-1637.html
* https://www.suse.com/security/cve/CVE-2023-1652.html
* https://www.suse.com/security/cve/CVE-2023-28327.html
* https://www.suse.com/security/cve/CVE-2023-28464.html
* https://www.suse.com/security/cve/CVE-2023-28466.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1109158
* https://bugzilla.suse.com/show_bug.cgi?id=1189998
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1198400
* https://bugzilla.suse.com/show_bug.cgi?id=1203200
* https://bugzilla.suse.com/show_bug.cgi?id=1206552
* https://bugzilla.suse.com/show_bug.cgi?id=1207168
* https://bugzilla.suse.com/show_bug.cgi?id=1207185
* https://bugzilla.suse.com/show_bug.cgi?id=1207574
* https://bugzilla.suse.com/show_bug.cgi?id=1208602
* https://bugzilla.suse.com/show_bug.cgi?id=1208815
* https://bugzilla.suse.com/show_bug.cgi?id=1208902
* https://bugzilla.suse.com/show_bug.cgi?id=1209052
* https://bugzilla.suse.com/show_bug.cgi?id=1209118
* https://bugzilla.suse.com/show_bug.cgi?id=1209256
* https://bugzilla.suse.com/show_bug.cgi?id=1209290
* https://bugzilla.suse.com/show_bug.cgi?id=1209292
* https://bugzilla.suse.com/show_bug.cgi?id=1209366
* https://bugzilla.suse.com/show_bug.cgi?id=1209532
* https://bugzilla.suse.com/show_bug.cgi?id=1209547
* https://bugzilla.suse.com/show_bug.cgi?id=1209556
* https://bugzilla.suse.com/show_bug.cgi?id=1209600
* https://bugzilla.suse.com/show_bug.cgi?id=1209634
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209636
* https://bugzilla.suse.com/show_bug.cgi?id=1209681
* https://bugzilla.suse.com/show_bug.cgi?id=1209684
* https://bugzilla.suse.com/show_bug.cgi?id=1209779
* https://bugzilla.suse.com/show_bug.cgi?id=1209788
* https://bugzilla.suse.com/show_bug.cgi?id=1209798
* https://bugzilla.suse.com/show_bug.cgi?id=1209799
* https://bugzilla.suse.com/show_bug.cgi?id=1209804
* https://bugzilla.suse.com/show_bug.cgi?id=1209805
* https://bugzilla.suse.com/show_bug.cgi?id=1210050
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230410/474264a8/attachment.htm>
More information about the sle-security-updates
mailing list