SUSE-SU-2023:4782-1: important: Security update for the Linux Kernel
null at suse.de
null at suse.de
Wed Dec 13 16:30:54 UTC 2023
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4782-1
Rating: important
References:
* bsc#1210447
* bsc#1214286
* bsc#1214976
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216584
* bsc#1216693
* bsc#1216759
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217124
* bsc#1217140
* bsc#1217195
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 12 vulnerabilities, contains three features and has 25
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
The following non-security bugs were fixed:
* acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
* acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
* acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
* acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
* alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
* alsa: hda/realtek: add quirks for hp laptops (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
* alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
* alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
* alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
* alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
* alsa: info: fix potential deadlock at disconnection (git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: add cortex-a520 cpu part definition (git-fixes)
* arm64: allow kprobes on el0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass esr_elx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out el1 ssbs emulation hook (git-fixes)
* arm64: report el1 undefs better (git-fixes)
* arm64: rework bti exception handling (git-fixes)
* arm64: rework el0 mrs emulation (git-fixes)
* arm64: rework fpac exception handling (git-fixes)
* arm64: split el0/el1 undef handlers (git-fixes)
* arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* asoc: ams-delta.c: use component after check (git-fixes).
* asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
* asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
* asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not
described (git-fixes).
* asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
* asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
* asoc: rt5650: fix the wrong result of key button (git-fixes).
* asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
* ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
* atl1c: work around the dma rx overflow issue (git-fixes).
* atm: iphase: do pci error checks on own line (git-fixes).
* blk-mq: do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: add device 0bda:887b to device tables (git-fixes).
* bluetooth: add device 13d3:3571 to device tables (git-fixes).
* bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
* bluetooth: btusb: add date->evt_skb is null check (git-fixes).
* bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-
fixes).
* bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-
fixes).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -einval on incorrect can id formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
* can: isotp: set max pdu size to 64 kbyte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: fix comment (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
* clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
* clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
* clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
* clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
* clk: sanitize possible_parent_show to handle return value of
of_clk_get_parent_name (git-fixes).
* clk: scmi: free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: change ti_clk_register_omap_hw api (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
* disable loongson drivers loongson is a mips architecture, it does not make
sense to build loongson drivers on other architectures.
* dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* docs: net: move the probe and open/close sections of driver.rst up
(bsc#1215458).
* docs: net: reformat driver.rst from a list to sections (bsc#1215458).
* docs: net: use c syntax highlight in driver.rst (bsc#1215458).
* documentation: networking: correct possessive "its" (bsc#1215458).
* drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-
fixes).
* drm/amd/display: avoid null dereference of timing generator (git-fixes).
* drm/amd/display: change the dmcub mailbox memory location from fb to inbox
(git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-
fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
* drm/amdgpu: do not use atrm for external devices (git-fixes).
* drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null
(git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: fix bit updates (git-fixes).
* drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
* drm/gud: use size_add() in call to struct_size() (git-fixes).
* drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
* drm/i915: fix potential spectre vulnerability (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: fix iommu fault by swapping fbs after updating plane state
(git-fixes).
* drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: create devm device attachment (git-fixes).
* drm/mipi-dsi: create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
* drm/panel: st7703: pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-
fixes).
* drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* ensure ia32_emulation is always enabled for kernel-obs-build if
ia32_emulation is disabled by default, ensure it is enabled back for obs
kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the
parameter, no need to grep through the config which may not be very
reliable]
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: omapfb: drop unused remove function (git-fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-
fixes).
* fix termination state for idr_for_each_entry_ul() (git-fixes).
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
* hid: cp2112: fix duplicate workqueue initialization (git-fixes).
* hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
* hid: hyperv: remove unused struct synthhid_msg (git-fixes).
* hid: hyperv: replace one-element array with flexible-array member (git-
fixes).
* hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* hid: logitech-hidpp: do not restart io, instead defer hid_connect() only
(git-fixes).
* hid: logitech-hidpp: move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
* hid: logitech-hidpp: revert "do not restart communication if not necessary"
(git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
* hv_netvsc: fix race of register_netdevice_notifier and vf register (git-
fixes).
* hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
* hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
* i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: disable tx_empty irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
* i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
* i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-
fixes).
* i3c: master: svc: fix wrong data return when ibi happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and mac filter support (bsc#1215458).
* idpf: add rx splitq napi poll support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: add sriov support and other ndo_ops (bsc#1215458).
* idpf: add tx splitq napi poll support (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for rx queues (bsc#1215458).
* idpf: configure resources for tx queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-
fixes).
* iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds
(git-fixes).
* iio: exynos-adc: request second interupt only when touchscreen mode is used
(git-fixes).
* input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-
fixes).
* input: xpad - add vid for turtle beach controllers (git-fixes).
* irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
* kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is
built since sle15-sp3 but it is not shipped as part of any sle product, only
in leap (in kernel-*-optional).
* kernel-binary: suse-module-tools is also required when installed
requires(pre) adds dependency for the specific sciptlet. however, suse-
module-tools also ships modprobe.d files which may be needed at posttrans
time or any time the kernel is on the system for generating ramdisk. add
plain requires as well.
* kernel-source: move provides after sources
* leds: pwm: do not disable the pwm when the led should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: do not use smbus calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: correctly initialise try compose rectangle (git-fixes).
* media: ccs: fix driver quirk struct documentation (git-fixes).
* media: cedrus: fix clock/reset sequence (git-fixes).
* media: cobalt: use field_get() to extract link width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-
fixes).
* mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: fix double put in dln2_probe (git-fixes).
* misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
* misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237,
git-fixes).
* mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
* mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
* mmc: block: retry commands in cqe error recovery (git-fixes).
* mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
* mmc: cqhci: increase recovery halt timeout (git-fixes).
* mmc: cqhci: warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
* mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-
fixes).
* mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-
fixes).
* mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee module_device_table built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: byte swap otp info (git-fixes).
* mtd: rawnand: arasan: include ecc syndrome along with in-band data while
checking for ecc failure (git-fixes).
* net-memcg: fix scope of sockmem pressure indicators (bsc#1216759).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: avoid address overwrite in kernel_connect (bsc#1216861).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: ieee802154: adf7242: fix some potential buffer overflow in
adf7242_stats_show() (git-fixes).
* net: mana: fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-
fixes).
* nvme: update firmware version after commit (bsc#1215292).
* pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes).
* pci/sysfs: protect driver's d3cold preference from user space (git-fixes).
* pci: disable ats for specific intel ipu e2000 devices (bsc#1215458).
* pci: extract ats disabling to a helper function (bsc#1215458).
* pci: exynos: do not discard .remove() callback (git-fixes).
* pci: keystone: do not discard .probe() callback (git-fixes).
* pci: keystone: do not discard .remove() callback (git-fixes).
* pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-
fixes).
* pci: tegra194: use field_get()/field_prep() with link width fields (git-
fixes).
* pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes).
* pci: use field_get() to extract link width (git-fixes).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-
fixes).
* platform/x86: wmi: fix opening of char device (git-fixes).
* platform/x86: wmi: fix probe failure when failing to register wmi devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes).
* pm: hibernate: use __get_safe_page() rather than touching the list (git-
fixes).
* powerpc: do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes).
* pwm: fix double shift bug (git-fixes).
* pwm: sti: reduce number of allocations and drop usage of chip_data (git-
fixes).
* r8152: cancel hw_phy_work if we have an error in probe (git-fixes).
* r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: check for unplug in rtl_phy_patch_request() (git-fixes).
* r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes).
* r8152: release firmware if we have an error in probe (git-fixes).
* r8152: run the unload routine if we have errors during probe (git-fixes).
* regmap: debugfs: fix a erroneous check after snprintf() (git-fixes).
* regmap: ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* revert "i2c: pxa: move to generic gpio recovery" (git-fixes).
* revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes).
* rpm/check-for-config-changes: add as_wruss to ignored_configs_re add
as_wruss as an ignored_configs_re entry in check-for-config-changes to fix
build on x86_32. there was a fix submitted to upstream but it was not
accepted:
https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.local/
so carry this in ignored_configs_re instead.
* rpm/check-for-config-changes: add have_shadow_call_stack to
ignored_configs_re not supported by our compiler.
* rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage
* s390/ap: fix ap bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (ltc#203997
bsc#1217086).
* s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for erp requests (git-fixes
bsc#1217598).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(ltc#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(ltc#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix ptrace_get_last_break error handling (git-fixes
bsc#1217599).
* sbsa_gwdt: calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: correct maximum pci function value for ras fw logging
(bsc#1217731).
* scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124).
* scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: reject received prlis with only initiator fcn role for npiv
ports (bsc#1217124).
* scsi: lpfc: remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: validate els ls_acc completion payload (bsc#1217124).
* scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: use field_get() to extract pcie capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: fix ksft print formats (git-fixes).
* selftests/resctrl: ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-
fixes).
* selftests/resctrl: remove duplicate feature check from cmt test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial
cards" (git-fixes).
* serial: meson: use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* treewide: spelling fix in comment (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes).
* tty: 8250: add support for additional brainboxes px cards (git-fixes).
* tty: 8250: add support for additional brainboxes uc cards (git-fixes).
* tty: 8250: add support for brainboxes up cards (git-fixes).
* tty: 8250: add support for intashield is-100 (git-fixes).
* tty: 8250: add support for intashield ix cards (git-fixes).
* tty: 8250: fix port count of px-257 (git-fixes).
* tty: 8250: fix up px-803/px-857 (git-fixes).
* tty: 8250: remove uc-257 and uc-431 (git-fixes).
* tty: fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard lockup on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes).
* usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes).
* usb: chipidea: fix dma overwrite for tegra (git-fixes).
* usb: chipidea: simplify tegra dma alignment code (git-fixes).
* usb: dwc2: fix possible null pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc2: write hcint with intmask applied (bsc#1214286).
* usb: dwc3: fix default mode initialization (git-fixes).
* usb: dwc3: qcom: fix acpi platform device leak (git-fixes).
* usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* usb: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: serial: option: add fibocom l7xx modules (git-fixes).
* usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes).
* usb: serial: option: fix fm101r-gl defines (git-fixes).
* usb: storage: set 1.50 as the lower bcddevice for older "super top"
compatibility (git-fixes).
* usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: skip hard reset when in error recovery (git-fixes).
* usb: usbip: fix stub_dev hub disconnect (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: do not touch the ce interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes).
* wifi: iwlwifi: use fw rate for non-data frames (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes).
* wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes).
* x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-
fixes).
* x86/hyperv: add hv_expose_invariant_tsc define (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: make hv_get_nmi_reason public (git-fixes).
* x86/sev: do not try to parse for the cc blob on non-amd hardware (git-
fixes).
* x86/sev: fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: use the ghcb protocol when available for snp cpuid requests (git-
fixes).
* x86: move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert agf log flags to unsigned (git-fixes).
* xfs: convert agi log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: make the start pointer passed to btree update_lastrec functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize ag block number formatting in ftrace output (git-fixes).
* xfs: standardize ag number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: enable rpm on controllers that support low-power states (git-fixes).
* xhci: loosen rpm as default policy to cover for amd xhc 1.1 (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-4782=1 openSUSE-SLE-15.4-2023-4782=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-4782=1
## Package List:
* openSUSE Leap 15.4 (aarch64 x86_64)
* kselftests-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* ocfs2-kmp-azure-5.14.21-150400.14.75.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-optional-5.14.21-150400.14.75.1
* gfs2-kmp-azure-5.14.21-150400.14.75.1
* dlm-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-optional-debuginfo-5.14.21-150400.14.75.1
* cluster-md-kmp-azure-5.14.21-150400.14.75.1
* gfs2-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-extra-debuginfo-5.14.21-150400.14.75.1
* kernel-syms-azure-5.14.21-150400.14.75.1
* kernel-azure-debugsource-5.14.21-150400.14.75.1
* kernel-azure-livepatch-devel-5.14.21-150400.14.75.1
* dlm-kmp-azure-5.14.21-150400.14.75.1
* kselftests-kmp-azure-5.14.21-150400.14.75.1
* kernel-azure-devel-5.14.21-150400.14.75.1
* kernel-azure-extra-5.14.21-150400.14.75.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* reiserfs-kmp-azure-5.14.21-150400.14.75.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* openSUSE Leap 15.4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.75.1
* openSUSE Leap 15.4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.75.1
* kernel-source-azure-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (aarch64 x86_64)
* kernel-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.75.1
* kernel-syms-azure-5.14.21-150400.14.75.1
* kernel-azure-devel-5.14.21-150400.14.75.1
* kernel-azure-debugsource-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.75.1
* kernel-source-azure-5.14.21-150400.14.75.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20231213/1e910efa/attachment.htm>
More information about the sle-security-updates
mailing list