SUSE-SU-2023:3377-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Aug 22 20:30:20 UTC 2023



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:3377-1  
Rating: important  
References:

  * #1206418
  * #1207129
  * #1210627
  * #1210780
  * #1211131
  * #1211738
  * #1212502
  * #1212604
  * #1212901
  * #1213167
  * #1213272
  * #1213287
  * #1213304
  * #1213588
  * #1213620
  * #1213653
  * #1213713
  * #1213715
  * #1213747
  * #1213756
  * #1213759
  * #1213777
  * #1213810
  * #1213812
  * #1213856
  * #1213857
  * #1213863
  * #1213867
  * #1213870
  * #1213871

  
Cross-References:

  * CVE-2022-40982
  * CVE-2023-0459
  * CVE-2023-20569
  * CVE-2023-21400
  * CVE-2023-2156
  * CVE-2023-2166
  * CVE-2023-31083
  * CVE-2023-3268
  * CVE-2023-3567
  * CVE-2023-3776
  * CVE-2023-4004

  
CVSS scores:

  * CVE-2022-40982 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-40982 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  * CVE-2023-0459 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0459 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-20569 ( SUSE ):  5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
  * CVE-2023-20569 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-21400 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-21400 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2156 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2156 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2166 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2166 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31083 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31083 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-3268 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2023-3268 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2023-3567 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3567 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3776 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3776 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4004 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4004 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 11 vulnerabilities and has 19 fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  * CVE-2022-40982: Fixed transient execution attack called "Gather Data
    Sampling" (bsc#1206418).
  * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec
    (bsc#1211738).
  * CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’
    (bsc#1213287).
  * CVE-2023-21400: Fixed several memory corruptions due to improper locking in
    io_uring (bsc#1213272).
  * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
    of the RPL protocol (bsc#1211131).
  * CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter
    (bsc#1210627).
  * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
  * CVE-2023-3268: Fixed an out of bounds memory access flaw in
    relay_file_read_start_pos in the relayfs (bsc#1212502).
  * CVE-2023-3567: Fixed a use-after-free in vcs_read in
    drivers/tty/vt/vc_screen.c (bsc#1213167).
  * CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-
    free (bsc#1213588).
  * CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo
    (bsc#1213812).

The following non-security bugs were fixed:

  * afs: adjust ack interpretation to try and cope with nat (git-fixes).
  * afs: fix access after dec in put functions (git-fixes).
  * afs: fix afs_getattr() to refetch file status if callback break occurred
    (git-fixes).
  * afs: fix dynamic root getattr (git-fixes).
  * afs: fix fileserver probe rtt handling (git-fixes).
  * afs: fix infinite loop found by xfstest generic/676 (git-fixes).
  * afs: fix lost servers_outstanding count (git-fixes).
  * afs: fix server->active leak in afs_put_server (git-fixes).
  * afs: fix setting of mtime when creating a file/dir/symlink (git-fixes).
  * afs: fix updating of i_size with dv jump from server (git-fixes).
  * afs: fix vlserver probe rtt handling (git-fixes).
  * afs: return -eagain, not -eremoteio, when a file already locked (git-fixes).
  * afs: use refcount_t rather than atomic_t (git-fixes).
  * afs: use the operation issue time instead of the reply time for callbacks
    (git-fixes).
  * alsa: emu10k1: roll up loops in dsp setup code for audigy (git-fixes).
  * alsa: hda/realtek: support asus g713pv laptop (git-fixes).
  * alsa: hda/relatek: enable mute led on hp 250 g8 (git-fixes).
  * alsa: usb-audio: add quirk for microsoft modern wireless headset
    (bsc#1207129).
  * alsa: usb-audio: update for native dsd support quirks (git-fixes).
  * asoc: atmel: fix the 8k sample parameter in i2sc master (git-fixes).
  * asoc: codecs: es8316: fix dmic config (git-fixes).
  * asoc: da7219: check for failure reading aad irq events (git-fixes).
  * asoc: da7219: flush pending aad irq when suspending (git-fixes).
  * asoc: fsl_sai: disable bit clock with transmitter (git-fixes).
  * asoc: fsl_spdif: silence output on stop (git-fixes).
  * asoc: rt5682-sdw: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: rt711-sdca: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: rt711: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: wm8904: fill the cache for wm8904_adc_test_0 register (git-fixes).
  * ata: pata_ns87415: mark ns87560_tf_read static (git-fixes).
  * block, bfq: fix division by zero error on zero wsum (bsc#1213653).
  * block: fix a source code comment in include/uapi/linux/blkzoned.h (git-
    fixes).
  * can: gs_usb: gs_can_close(): add missing set of can state to
    can_state_stopped (git-fixes).
  * ceph: do not let check_caps skip sending responses for revoke msgs
    (bsc#1213856).
  * coda: avoid partial allocation of sig_inputargs (git-fixes).
  * dlm: fix missing lkb refcount handling (git-fixes).
  * dlm: fix plock invalid read (git-fixes).
  * documentation: devices.txt: reconcile serial/ucc_uart minor numers (git-
    fixes).
  * drm/amd/display: disable mpc split by default on special asic (git-fixes).
  * drm/amd/display: keep phy active for dp displays on dcn31 (git-fixes).
  * drm/client: fix memory leak in drm_client_modeset_probe (git-fixes).
  * drm/msm/adreno: fix snapshot bindless_data size (git-fixes).
  * drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (git-fixes).
  * drm/msm: fix is_err_or_null() vs null check in a5xx_submit_in_rb() (git-
    fixes).
  * drm/radeon: fix integer overflow in radeon_cs_parser_init (git-fixes).
  * drop amdgpu patches for fixing regression (bsc#1213304,bsc#1213777)
  * file: always lock position for fmode_atomic_pos (bsc#1213759).
  * fs: dlm: add midcomms init/start functions (git-fixes).
  * fs: dlm: do not set stop rx flag after node reset (git-fixes).
  * fs: dlm: filter user dlm messages for kernel locks (git-fixes).
  * fs: dlm: fix log of lowcomms vs midcomms (git-fixes).
  * fs: dlm: fix race between test_bit() and queue_work() (git-fixes).
  * fs: dlm: fix race in lowcomms (git-fixes).
  * fs: dlm: handle -ebusy first in lock arg validation (git-fixes).
  * fs: dlm: move sending fin message into state change handling (git-fixes).
  * fs: dlm: retry accept() until -eagain or error returns (git-fixes).
  * fs: dlm: return positive pid value for f_getlk (git-fixes).
  * fs: dlm: start midcomms before scand (git-fixes).
  * fs: hfsplus: remove warn_on() from hfsplus_cat_{read,write}_inode() (git-
    fixes).
  * fs: jfs: check for read-only mounted filesystem in txbegin (git-fixes).
  * fs: jfs: fix null-ptr-deref read in txbegin (git-fixes).
  * fs: jfs: fix ubsan: array-index-out-of-bounds in dballocdmaplev (git-fixes).
  * gve: set default duplex configuration to full (git-fixes).
  * gve: unify driver name usage (git-fixes).
  * hwmon: (k10temp) enable amd3255 proc to show negative temperature (git-
    fixes).
  * hwmon: (nct7802) fix for temp6 (peci1) processed even if peci1 disabled
    (git-fixes).
  * iavf: fix out-of-bounds when setting channels on remove (git-fixes).
  * iavf: fix use-after-free in free_netdev (git-fixes).
  * iavf: use internal state to free traffic irqs (git-fixes).
  * igc: check if hardware tx timestamping is enabled earlier (git-fixes).
  * igc: enable and fix rx hash usage by netstack (git-fixes).
  * igc: fix inserting of empty frame for launchtime (git-fixes).
  * igc: fix kernel panic during ndo_tx_timeout callback (git-fixes).
  * igc: fix launchtime before start of cycle (git-fixes).
  * igc: fix race condition in ptp tx code (git-fixes).
  * igc: handle pps start time programming for past time values (git-fixes).
  * igc: prevent garbled tx queue with xdp zerocopy (git-fixes).
  * igc: remove delay during tx ring configuration (git-fixes).
  * igc: set tp bit in 'supported' and 'advertising' fields of
    ethtool_link_ksettings (git-fixes).
  * igc: work around hw bug causing missing timestamps (git-fixes).
  * input: i8042 - add clevo pcx0dx to i8042 quirk table (git-fixes).
  * input: iqs269a - do not poll during ati (git-fixes).
  * input: iqs269a - do not poll during suspend or resume (git-fixes).
  * jffs2: fix memory leak in jffs2_do_fill_super (git-fixes).
  * jffs2: fix memory leak in jffs2_do_mount_fs (git-fixes).
  * jffs2: fix memory leak in jffs2_scan_medium (git-fixes).
  * jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (git-fixes).
  * jffs2: gc deadlock reading a page that is used in jffs2_write_begin() (git-
    fixes).
  * jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (git-fixes).
  * jfs: jfs_dmap: validate db_l2nbperpage while mounting (git-fixes).
  * kernel-binary.spec.in: remove superfluous %% in supplements fixes:
    02b7735e0caf ("rpm/kernel-binary.spec.in: add enhances and supplements tags
    to in-tree kmps")
  * kvm: arm64: do not read a hw interrupt pending state in user context (git-
    fixes)
  * kvm: arm64: warn if accessing timer pending state outside of vcpu
    (bsc#1213620)
  * kvm: do not null dereference ops->destroy (git-fixes)
  * kvm: downgrade two bug_ons to warn_on_once (git-fixes)
  * kvm: initialize debugfs_dentry when a vm is created to avoid null (git-
    fixes)
  * kvm: s390: pv: fix index value of replaced asce (git-fixes bsc#1213867).
  * kvm: vmx: inject #gp on encls if vcpu has paging disabled (cr0.pg==0) (git-
    fixes).
  * kvm: vmx: inject #gp, not #ud, if sgx2 encls leafs are unsupported (git-
    fixes).
  * kvm: vmx: restore vmx_vmexit alignment (git-fixes).
  * kvm: x86: account fastpath-only vm-exits in vcpu stats (git-fixes).
  * libceph: harden msgr2.1 frame segment length checks (bsc#1213857).
  * media: staging: atomisp: select v4l2_fwnode (git-fixes).
  * net: ena: fix shift-out-of-bounds in exponential backoff (git-fixes).
  * net: mana: batch ringing rx queue doorbell on receiving packets
    (bsc#1212901).
  * net: mana: use the correct wqe count for ringing rq doorbell (bsc#1212901).
  * net: phy: marvell10g: fix 88x3310 power up (git-fixes).
  * nfsd: add encoding of op_recall flag for write delegation (git-fixes).
  * nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes).
  * nfsd: fix sparse warning (git-fixes).
  * nfsd: remove open coding of string copy (git-fixes).
  * nfsv4.1: always send a reclaim_complete after establishing lease (git-
    fixes).
  * nfsv4.1: freeze the session table upon receiving nfs4err_badsession (git-
    fixes).
  * nvme-pci: fix dma direction of unmapping integrity data (git-fixes).
  * nvme-pci: remove nvme_queue from nvme_iod (git-fixes).
  * octeontx-af: fix hardware timestamp configuration (git-fixes).
  * octeontx2-af: move validation of ptp pointer before its usage (git-fixes).
  * octeontx2-pf: add additional check for mcam rules (git-fixes).
  * phy: hisilicon: fix an out of bounds check in hisi_inno_phy_probe() (git-
    fixes).
  * pinctrl: amd: do not show `invalid config param` errors (git-fixes).
  * pinctrl: amd: use amd_pinconf_set() for all config options (git-fixes).
  * platform/x86: msi-laptop: fix rfkill out-of-sync on msi wind u100 (git-
    fixes).
  * rdma/bnxt_re: fix hang during driver unload (git-fixes)
  * rdma/bnxt_re: prevent handling any completions after qp destroy (git-fixes)
  * rdma/core: update cma destination address on rdma_resolve_addr (git-fixes)
  * rdma/irdma: add missing read barriers (git-fixes)
  * rdma/irdma: fix data race on cqp completion stats (git-fixes)
  * rdma/irdma: fix data race on cqp request done (git-fixes)
  * rdma/irdma: fix op_type reporting in cqes (git-fixes)
  * rdma/irdma: report correct wc error (git-fixes)
  * rdma/mlx4: make check for invalid flags stricter (git-fixes)
  * rdma/mthca: fix crash when polling cq for shared qps (git-fixes)
  * regmap: account for register length in smbus i/o limits (git-fixes).
  * regmap: drop initial version of maximum transfer length fixes (git-fixes).
  * revert "debugfs, coccinelle: check for obsolete define_simple_attribute()
    usage" (git-fixes).
  * revert "nfsv4: retry lock on old_stateid during delegation return" (git-
    fixes).
  * revert "usb: dwc3: core: enable autoretry feature in the controller" (git-
    fixes).
  * revert "usb: gadget: tegra-xudc: fix error check in
    tegra_xudc_powerdomain_init()" (git-fixes).
  * revert "usb: xhci: tegra: fix error check" (git-fixes).
  * rpm: update dependency to match current kmod.
  * rxrpc, afs: fix selection of abort codes (git-fixes).
  * s390/bpf: add expoline to tail calls (git-fixes bsc#1213870).
  * s390/dasd: fix hanging device after quiesce/resume (git-fixes bsc#1213810).
  * s390/decompressor: specify __decompress() buf len to avoid overflow (git-
    fixes bsc#1213863).
  * s390/ipl: add missing intersection check to ipl_report handling (git-fixes
    bsc#1213871).
  * s390/qeth: fix vipa deletion (git-fixes bsc#1213713).
  * s390/vmem: fix empty page tables cleanup under kasan (git-fixes
    bsc#1213715).
  * s390: introduce nospec_uses_trampoline() (git-fixes bsc#1213870).
  * scftorture: count reschedule ipis (git-fixes).
  * scsi: lpfc: abort outstanding els cmds when mailbox timeout error is
    detected (bsc#1213756).
  * scsi: lpfc: avoid -wstringop-overflow warning (bsc#1213756).
  * scsi: lpfc: clean up sli-4 sysfs resource reporting (bsc#1213756).
  * scsi: lpfc: copyright updates for 14.2.0.14 patches (bsc#1213756).
  * scsi: lpfc: fix a possible data race in lpfc_unregister_fcf_rescan()
    (bsc#1213756).
  * scsi: lpfc: fix incorrect big endian type assignment in bsg loopback path
    (bsc#1213756).
  * scsi: lpfc: fix incorrect big endian type assignments in fdmi and vmid paths
    (bsc#1213756).
  * scsi: lpfc: fix lpfc_name struct packing (bsc#1213756).
  * scsi: lpfc: make fabric zone discovery more robust when handling unsolicited
    logo (bsc#1213756).
  * scsi: lpfc: pull out fw diagnostic dump log message from driver's trace
    buffer (bsc#1213756).
  * scsi: lpfc: qualify ndlp discovery state when processing rscn (bsc#1213756).
  * scsi: lpfc: refactor cpu affinity assignment paths (bsc#1213756).
  * scsi: lpfc: remove extra ndlp kref decrement in flogi cmpl for loop topology
    (bsc#1213756).
  * scsi: lpfc: replace all non-returning strlcpy() with strscpy()
    (bsc#1213756).
  * scsi: lpfc: replace one-element array with flexible-array member
    (bsc#1213756).
  * scsi: lpfc: revise ndlp kref handling for dev_loss_tmo_callbk and
    lpfc_drop_node (bsc#1213756).
  * scsi: lpfc: set establish image pair service parameter only for target
    functions (bsc#1213756).
  * scsi: lpfc: simplify fcp_abort transport callback log message (bsc#1213756).
  * scsi: lpfc: update lpfc version to 14.2.0.14 (bsc#1213756).
  * scsi: lpfc: use struct_size() helper (bsc#1213756).
  * scsi: qla2xxx: adjust iocb resource on qpair create (bsc#1213747).
  * scsi: qla2xxx: array index may go out of bound (bsc#1213747).
  * scsi: qla2xxx: avoid fcport pointer dereference (bsc#1213747).
  * scsi: qla2xxx: check valid rport returned by fc_bsg_to_rport()
    (bsc#1213747).
  * scsi: qla2xxx: correct the index of array (bsc#1213747).
  * scsi: qla2xxx: drop useless list_head (bsc#1213747).
  * scsi: qla2xxx: fix buffer overrun (bsc#1213747).
  * scsi: qla2xxx: fix command flush during tmf (bsc#1213747).
  * scsi: qla2xxx: fix deletion race condition (bsc#1213747).
  * scsi: qla2xxx: fix end of loop test (bsc#1213747).
  * scsi: qla2xxx: fix erroneous link up failure (bsc#1213747).
  * scsi: qla2xxx: fix error code in qla2x00_start_sp() (bsc#1213747).
  * scsi: qla2xxx: fix inconsistent tmf timeout (bsc#1213747).
  * scsi: qla2xxx: fix null pointer dereference in target mode (bsc#1213747).
  * scsi: qla2xxx: fix potential null pointer dereference (bsc#1213747).
  * scsi: qla2xxx: fix session hang in gnl (bsc#1213747).
  * scsi: qla2xxx: fix tmf leak through (bsc#1213747).
  * scsi: qla2xxx: limit tmf to 8 per function (bsc#1213747).
  * scsi: qla2xxx: pointer may be dereferenced (bsc#1213747).
  * scsi: qla2xxx: remove unused nvme_ls_waitq wait queue (bsc#1213747).
  * scsi: qla2xxx: replace one-element array with declare_flex_array() helper
    (bsc#1213747).
  * scsi: qla2xxx: silence a static checker warning (bsc#1213747).
  * scsi: qla2xxx: turn off noisy message log (bsc#1213747).
  * scsi: qla2xxx: update version to 10.02.08.400-k (bsc#1213747).
  * scsi: qla2xxx: update version to 10.02.08.500-k (bsc#1213747).
  * scsi: qla2xxx: use vmalloc_array() and vcalloc() (bsc#1213747).
  * serial: qcom-geni: drop bogus runtime pm state update (git-fixes).
  * serial: sifive: fix sifive_serial_console_setup() section (git-fixes).
  * soundwire: qcom: update status correctly with mask (git-fixes).
  * staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (git-
    fixes).
  * staging: r8712: fix memory leak in _r8712_init_xmit_priv() (git-fixes).
  * sunrpc: always free ctxt when freeing deferred request (git-fixes).
  * sunrpc: double free xprt_ctxt while still in use (git-fixes).
  * sunrpc: fix trace_svc_register() call site (git-fixes).
  * sunrpc: fix uaf in svc_tcp_listen_data_ready() (git-fixes).
  * sunrpc: remove dead code in svc_tcp_release_rqst() (git-fixes).
  * sunrpc: remove the maximum number of retries in call_bind_status (git-
    fixes).
  * svcrdma: prevent page release when nothing was received (git-fixes).
  * tpm_tis: explicitly check for error code (git-fixes).
  * tty: n_gsm: fix uaf in gsm_cleanup_mux (git-fixes).
  * ubifs: add missing iput if do_tmpfile() failed in rename whiteout (git-
    fixes).
  * ubifs: do_rename: fix wrong space budget when target inode's nlink > 1 (git-
    fixes).
  * ubifs: error path in ubifs_remount_rw() seems to wrongly free write buffers
    (git-fixes).
  * ubifs: fix 'ui->dirty' race between do_tmpfile() and writeback work (git-
    fixes).
  * ubifs: fix aa deadlock when setting xattr for encrypted file (git-fixes).
  * ubifs: fix build errors as symbol undefined (git-fixes).
  * ubifs: fix deadlock in concurrent rename whiteout and inode writeback (git-
    fixes).
  * ubifs: fix memory leak in alloc_wbufs() (git-fixes).
  * ubifs: fix memory leak in do_rename (git-fixes).
  * ubifs: fix read out-of-bounds in ubifs_wbuf_write_nolock() (git-fixes).
  * ubifs: fix to add refcount once page is set private (git-fixes).
  * ubifs: fix wrong dirty space budget for dirty inode (git-fixes).
  * ubifs: free memory for tmpfile name (git-fixes).
  * ubifs: rectify space amount budget for mkdir/tmpfile operations (git-fixes).
  * ubifs: rectify space budget for ubifs_symlink() if symlink is encrypted
    (git-fixes).
  * ubifs: rectify space budget for ubifs_xrename() (git-fixes).
  * ubifs: rename whiteout atomically (git-fixes).
  * ubifs: rename_whiteout: correct old_dir size computing (git-fixes).
  * ubifs: rename_whiteout: fix double free for whiteout_ui->data (git-fixes).
  * ubifs: reserve one leb for each journal head while doing budget (git-fixes).
  * ubifs: setflags: make dirtied_ino_d 8 bytes aligned (git-fixes).
  * ubifs: ubifs_writepage: mark page dirty after writing inode failed (git-
    fixes).
  * update patches.suse/rdma-mthca-fix-crash-when-polling-cq-for-shared-qps.
    (git-fixes bsc#1212604). added bug reference.
  * usb: dwc3: do not reset device side if dwc3 was configured as host-only
    (git-fixes).
  * usb: dwc3: pci: skip byt gpio lookup table for hardwired phy (git-fixes).
  * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
    (git-fixes).
  * usb: xhci-mtk: set the dma max_seg_size (git-fixes).
  * vhost: support packed when setting-getting vring_base (git-fixes).
  * vhost_net: revert upend_idx only on retriable error (git-fixes).
  * virtio-net: maintain reverse cleanup order (git-fixes).
  * virtio_net: fix error unwinding of xdp initialization (git-fixes).
  * x86/pvh: obtain vga console info in dom0 (git-fixes).
  * xen/blkfront: only check req_fua for writes (git-fixes).
  * xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (git-
    fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2023-3377=1 openSUSE-SLE-15.4-2023-3377=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-3377=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 x86_64)
    * gfs2-kmp-azure-5.14.21-150400.14.63.1
    * kernel-syms-azure-5.14.21-150400.14.63.1
    * kselftests-kmp-azure-5.14.21-150400.14.63.1
    * reiserfs-kmp-azure-5.14.21-150400.14.63.1
    * kernel-azure-optional-5.14.21-150400.14.63.1
    * kernel-azure-debuginfo-5.14.21-150400.14.63.1
    * reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-extra-debuginfo-5.14.21-150400.14.63.1
    * cluster-md-kmp-azure-5.14.21-150400.14.63.1
    * dlm-kmp-azure-5.14.21-150400.14.63.1
    * ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * dlm-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-livepatch-devel-5.14.21-150400.14.63.1
    * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1
    * gfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-extra-5.14.21-150400.14.63.1
    * ocfs2-kmp-azure-5.14.21-150400.14.63.1
    * kselftests-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-devel-5.14.21-150400.14.63.1
    * kernel-azure-optional-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-debugsource-5.14.21-150400.14.63.1
  * openSUSE Leap 15.4 (aarch64 nosrc x86_64)
    * kernel-azure-5.14.21-150400.14.63.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-source-azure-5.14.21-150400.14.63.1
    * kernel-devel-azure-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (aarch64 nosrc x86_64)
    * kernel-azure-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (aarch64 x86_64)
    * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-devel-5.14.21-150400.14.63.1
    * kernel-syms-azure-5.14.21-150400.14.63.1
    * kernel-azure-debugsource-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (noarch)
    * kernel-source-azure-5.14.21-150400.14.63.1
    * kernel-devel-azure-5.14.21-150400.14.63.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-40982.html
  * https://www.suse.com/security/cve/CVE-2023-0459.html
  * https://www.suse.com/security/cve/CVE-2023-20569.html
  * https://www.suse.com/security/cve/CVE-2023-21400.html
  * https://www.suse.com/security/cve/CVE-2023-2156.html
  * https://www.suse.com/security/cve/CVE-2023-2166.html
  * https://www.suse.com/security/cve/CVE-2023-31083.html
  * https://www.suse.com/security/cve/CVE-2023-3268.html
  * https://www.suse.com/security/cve/CVE-2023-3567.html
  * https://www.suse.com/security/cve/CVE-2023-3776.html
  * https://www.suse.com/security/cve/CVE-2023-4004.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1206418
  * https://bugzilla.suse.com/show_bug.cgi?id=1207129
  * https://bugzilla.suse.com/show_bug.cgi?id=1210627
  * https://bugzilla.suse.com/show_bug.cgi?id=1210780
  * https://bugzilla.suse.com/show_bug.cgi?id=1211131
  * https://bugzilla.suse.com/show_bug.cgi?id=1211738
  * https://bugzilla.suse.com/show_bug.cgi?id=1212502
  * https://bugzilla.suse.com/show_bug.cgi?id=1212604
  * https://bugzilla.suse.com/show_bug.cgi?id=1212901
  * https://bugzilla.suse.com/show_bug.cgi?id=1213167
  * https://bugzilla.suse.com/show_bug.cgi?id=1213272
  * https://bugzilla.suse.com/show_bug.cgi?id=1213287
  * https://bugzilla.suse.com/show_bug.cgi?id=1213304
  * https://bugzilla.suse.com/show_bug.cgi?id=1213588
  * https://bugzilla.suse.com/show_bug.cgi?id=1213620
  * https://bugzilla.suse.com/show_bug.cgi?id=1213653
  * https://bugzilla.suse.com/show_bug.cgi?id=1213713
  * https://bugzilla.suse.com/show_bug.cgi?id=1213715
  * https://bugzilla.suse.com/show_bug.cgi?id=1213747
  * https://bugzilla.suse.com/show_bug.cgi?id=1213756
  * https://bugzilla.suse.com/show_bug.cgi?id=1213759
  * https://bugzilla.suse.com/show_bug.cgi?id=1213777
  * https://bugzilla.suse.com/show_bug.cgi?id=1213810
  * https://bugzilla.suse.com/show_bug.cgi?id=1213812
  * https://bugzilla.suse.com/show_bug.cgi?id=1213856
  * https://bugzilla.suse.com/show_bug.cgi?id=1213857
  * https://bugzilla.suse.com/show_bug.cgi?id=1213863
  * https://bugzilla.suse.com/show_bug.cgi?id=1213867
  * https://bugzilla.suse.com/show_bug.cgi?id=1213870
  * https://bugzilla.suse.com/show_bug.cgi?id=1213871

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230822/77bad162/attachment.htm>


More information about the sle-security-updates mailing list