SUSE-SU-2023:0779-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Mar 16 20:32:13 UTC 2023



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:0779-1  
Rating: important  
References:

  * #1186449
  * #1203331
  * #1203332
  * #1203693
  * #1204502
  * #1204760
  * #1205149
  * #1206351
  * #1206677
  * #1206784
  * #1207034
  * #1207051
  * #1207134
  * #1207186
  * #1207237
  * #1207497
  * #1207508
  * #1207560
  * #1207773
  * #1207795
  * #1207845
  * #1207875
  * #1207878
  * #1208212
  * #1208599
  * #1208700
  * #1208741
  * #1208776
  * #1208816
  * #1208837
  * #1208845
  * #1208971
  * #1209008

  
Cross-References:

  * CVE-2022-3606
  * CVE-2022-36280
  * CVE-2022-38096
  * CVE-2022-47929
  * CVE-2023-0045
  * CVE-2023-0179
  * CVE-2023-0266
  * CVE-2023-0590
  * CVE-2023-0597
  * CVE-2023-1076
  * CVE-2023-1095
  * CVE-2023-1118
  * CVE-2023-1195
  * CVE-2023-22995
  * CVE-2023-22998
  * CVE-2023-23000
  * CVE-2023-23004
  * CVE-2023-23006
  * CVE-2023-23559
  * CVE-2023-25012
  * CVE-2023-26545

  
CVSS scores:

  * CVE-2022-3606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-3606 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-36280 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-36280 ( NVD ):  6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H
  * CVE-2022-38096 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-38096 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-47929 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2022-47929 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-0045 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0179 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0266 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0266 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0590 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0597 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-1076 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-1095 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-1095 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-1118 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-1118 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-1195 ( SUSE ):  2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-22995 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-22995 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-22998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-22998 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-23000 ( SUSE ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-23000 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-23004 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-23004 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-23006 ( SUSE ):  5.5 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2023-23006 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-23559 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-23559 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-25012 ( SUSE ):  6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-25012 ( NVD ):  4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-26545 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-26545 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Real Time Module 15-SP3

  
  
An update that solves 21 vulnerabilities and has 12 fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  * CVE-2022-3606: Fixed a null pointer dereference inside the function
    find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component
    BPF (bsc#1204502).
  * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in
    vmwgfx driver (bsc#1203332).
  * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query()
    (bsc#1203331).
  * CVE-2022-47929: Fixed a NULL pointer dereference bug in the traffic control
    subsystem (bsc#1207237).
  * CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
  * CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits
    (bsc#1207034).
  * CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
    package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could
    have been used in a use-after-free that could have resulted in a priviledge
    escalation to gain ring0 access from the system user (bsc#1207134).
  * CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  * CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm
    (bsc#1207845).
  * CVE-2023-1076: Fixed incorrect initialization of socket ui in tap_open()
    (bsc#1208599).
  * CVE-2023-1095: Fixed fix null deref due to zeroed list head in nf_tables
    (bsc#1208777).
  * CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in
    media/rc (bsc#1208837).
  * CVE-2023-1195: Fixed a use-after-free caused by invalid pointer `hostname`
    in cifs (bsc#1208971).
  * CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree in
    drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).
  * CVE-2023-22998: Fixed NULL vs IS_ERR checking in
    virtio_gpu_object_shmem_init (bsc#1208776).
  * CVE-2023-23000: Fixed return value of tegra_xusb_find_port_node function
    phy/tegra (bsc#1208816).
  * CVE-2023-23004: Fixed NULL vs IS_ERR() checking in malidp (bsc#1208843).
  * CVE-2023-23006: Fixed NULL vs IS_ERR checking in dr_domain_init_resources
    (bsc#1208845).
  * CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer
    overflow (bsc#1207051).
  * CVE-2023-25012: Fixed a use-after-eree in bigben_set_led() in hid
    (bsc#1207560).
  * CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation
    failure (bsc#1208700).

The following non-security bugs were fixed:

  * add support for enabling livepatching related packages on -RT (jsc#PED-1706)
  * add suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149)
  * bcache: fix set_at_max_writeback_rate() for multiple attached devices (git-
    fixes).
  * blktrace: Fix output non-blktrace event when blk_classic option enabled
    (git-fixes).
  * blktrace: ensure our debugfs dir exists (git-fixes).
  * ceph: avoid putting the realm twice when decoding snaps fails (bsc#1207198).
  * ceph: do not update snapshot context when there is no new snapshot
    (bsc#1207218).
  * config.conf: Drop armv7l, Leap 15.3 is EOL.
  * constraints: increase disk space for all architectures References:
    bsc#1203693 aarch64 is already suffering. SLE15-SP5 x86_64 stats show that
    it is very close to the limit.
  * delete config/armv7hl/default.
  * delete config/armv7hl/lpae.
  * dm btree: add a defensive bounds check to insert_at() (git-fixes).
  * dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort
    (git-fixes).
  * dm cache: Fix UAF in destroy() (git-fixes).
  * dm cache: set needs_check flag after aborting metadata (git-fixes).
  * dm clone: Fix UAF in clone_dtr() (git-fixes).
  * dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
  * dm integrity: fix flush with external metadata device (git-fixes).
  * dm integrity: flush the journal on suspend (git-fixes).
  * dm integrity: select CRYPTO_SKCIPHER (git-fixes).
  * dm ioctl: fix misbehavior if list_versions races with module loading (git-
    fixes).
  * dm ioctl: prevent potential spectre v1 gadget (git-fixes).
  * dm space map common: add bounds check to sm_ll_lookup_bitmap() (git-fixes).
  * dm space maps: do not reset space map allocation cursor when committing
    (git-fixes).
  * dm table: Remove BUG_ON(in_interrupt()) (git-fixes).
  * dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
    (git-fixes).
  * dm thin: Fix UAF in run_timer_softirq() (git-fixes).
  * dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
  * dm thin: resume even if in FAIL mode (git-fixes).
  * dm verity: fix require_signatures module_param permissions (git-fixes).
  * dm verity: skip verity work if I/O error when system is shutting down (git-
    fixes).
  * do not sign the vanilla kernel (bsc#1209008).
  * drivers:md:fix a potential use-after-free bug (git-fixes).
  * ext4: Fixup pages without buffers (bsc#1205495).
  * genirq: Provide new interfaces for affinity hints (bsc#1208153).
  * hid: betop: check shape of output reports (git-fixes, bsc#1207186).
  * hid: check empty report_list in bigben_probe() (git-fixes, bsc#1206784).
  * hid: check empty report_list in hid_validate_values() (git-fixes,
    bsc#1206784).
  * kabi/severities: add mlx5 internal symbols
  * kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179).
    When -b is specified the script is prefixed with KMP_NEEDS_MKINITRD=1 which
    sets the variable for a simple command. However, the script is no longer a
    simple command. Export the variable instead.
  * kvm: vmx: fix crash cleanup when KVM wasn't used (bsc#1207508).
  * loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE (git-fixes).
  * loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
  * md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
  * md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
  * md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
  * md: protect md_unregister_thread from reentrancy (git-fixes).
  * mm/memcg: optimize memory.numa_stat like memory.stat (bsc#1206663).
  * mm/slub: fix panic in slab_alloc_node() (bsc#1208023).
  * mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
  * module: Do not wait for GOING modules (bsc#1196058, bsc#1186449,
    bsc#1204356, bsc#1204662).
  * nbd: Fix hung on disconnect request if socket is closed before (git-fixes).
  * nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (git-fixes).
  * nbd: Fix incorrect error handle when first_minor is illegal in nbd_dev_add
    (git-fixes).
  * nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
  * nbd: fix io hung while disconnecting device (git-fixes).
  * nbd: fix max value for 'first_minor' (git-fixes).
  * nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
  * nbd: make the config put is called before the notifying the waiter (git-
    fixes).
  * nbd: restore default timeout when setting it to zero (git-fixes).
  * net/mlx5: Allocate individual capability (bsc#119175).
  * net/mlx5: Dynamically resize flow counters query buffer (bsc#119175).
  * net/mlx5: Fix flow counters SF bulk query len (bsc#119175).
  * net/mlx5: Reduce flow counters bulk query buffer size for SFs (bsc#119175).
  * net/mlx5: Reorganize current and maximal capabilities to be per-type
    (bsc#119175).
  * net/mlx5: Use order-0 allocations for EQs (bsc#119175).
  * net: mana: Assign interrupts to CPUs based on NUMA nodes (bsc#1208153).
  * net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
  * net: mana: Fix accessing freed irq affinity_hint (bsc#1208153).
  * null_blk: fix ida error handling in null_add_dev() (git-fixes).
  * rbd: work around -Wuninitialized warning (git-fixes).
  * rdma/core: Fix ib block iterator counter overflow (bsc#1207878).
  * refresh patches.kabi/scsi-kABI-fix-for-eh_should_retry_cmd (bsc#1206351).
  * revert "constraints: increase disk space for all architectures"
    (bsc#1203693).
  * rpm/check-for-config-changes: add OBJTOOL and FTRACE_MCOUNT_USE_* Dummy gcc
    pretends to support -mrecord-mcount option but actual gcc on ppc64le does
    not. Therefore ppc64le builds of 6.2-rc1 and later in OBS enable
    FTRACE_MCOUNT_USE_OBJTOOL and OBJTOOL config options, resulting in check
    failure. As we already have FTRACE_MCOUNT_USE_CC and
    FTRACE_MCOUNT_USE_RECORDMCOUNT in the exception list, replace them with a
    general pattern. And add OBJTOOL as well.
  * rpm/check-for-config-changes: add TOOLCHAIN_HAS_* to IGNORED_CONFIGS_RE This
    new form was added in commit b8c86872d1dc (riscv: fix detection of toolchain
    Zicbom support).
  * rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed to
    handle CONFIG_AS_HAS_NON_CONST_LEB128.
  * rpm/group-source-files.pl: Deal with {pre,post}fixed / in location When the
    source file location provided with -L is either prefixed or postfixed with
    forward slash, the script get stuck in a infinite loop inside calc_dirs()
    where $path is an empty string. user at localhost:/tmp> perl "$HOME/group-
    source-files.pl" -D devel.files -N nondevel.files -L
    /usr/src/linux-5.14.21-150500.41/ ... path =
    /usr/src/linux-5.14.21-150500.41/Documentation/Kconfig path =
    /usr/src/linux-5.14.21-150500.41/Documentation path =
    /usr/src/linux-5.14.21-150500.41 path = /usr/src path = /usr path = path =
    path = ... # Stuck in an infinite loop This workarounds the issue by
    breaking out the loop once path is an empty string. For a proper fix we'd
    want something that filesystem-aware, but this workaround should be enough
    for the rare occation that this script is ran manually. Link:
    http://mailman.suse.de/mlarch/SuSE/kernel/2023/kernel.2023.03/msg00024.html
  * rpm/kernel-binary.spec.in: Add Enhances and Supplements tags to in-tree KMPs
    This makes in-tree KMPs more consistent with externally built KMPs and
    silences several rpmlint warnings.
  * rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage
  * s390/kexec: fix ipl report address for kdump (bsc#1207575).
  * scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).
  * scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (git-
    fixes).
  * scsi: NCR5380: Add disconnect_mask module parameter (git-fixes).
  * scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" (git-fixes).
  * scsi: advansys: Fix kernel pointer leak (git-fixes).
  * scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).
  * scsi: aic7xxx: Adjust indentation in ahc_find_syncrate (git-fixes).
  * scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
    (git-fixes).
  * scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE (git-
    fixes).
  * scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
  * scsi: bnx2fc: Return failure if io_req is already in ABTS processing (git-
    fixes).
  * scsi: core: Avoid printing an error if target_alloc() returns -ENXIO (git-
    fixes).
  * scsi: core: Cap scsi_host cmd_per_lun at can_queue (git-fixes).
  * scsi: core: Do not start concurrent async scan on same host (git-fixes).
  * scsi: core: Fix a race between scsi_done() and scsi_timeout() (git-fixes).
  * scsi: core: Fix capacity set to zero after offlinining device (git-fixes).
  * scsi: core: Fix hang of freezing queue between blocking and running device
    (git-fixes).
  * scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
    (git-fixes).
  * scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
  * scsi: core: free sgtables in case command setup fails (git-fixes).
  * scsi: core: sysfs: Fix hang when device state is set via sysfs (git-fixes).
  * scsi: core: sysfs: Fix setting device state to SDEV_RUNNING (git-fixes).
  * scsi: cxlflash: Fix error return code in cxlflash_probe() (git-fixes).
  * scsi: fcoe: Fix possible name leak when device_register() fails (git-fixes).
  * scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (git-
    fixes).
  * scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 (git-fixes).
  * scsi: fnic: fix use after free (git-fixes).
  * scsi: hisi_sas: Check sas_port before using it (git-fixes).
  * scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails
    (git-fixes).
  * scsi: hisi_sas: Do not reset phy timer to wait for stray phy up (git-fixes).
  * scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq (git-
    fixes).
  * scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw() (git-fixes).
  * scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() (git-
    fixes).
  * scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
  * scsi: hpsa: Fix memory leak in hpsa_init_one() (git-fixes).
  * scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (git-fixes).
  * scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
  * scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
  * scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).
  * scsi: iscsi: Add iscsi_cls_conn refcount helpers (git-fixes).
  * scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func (git-fixes).
  * scsi: iscsi: Do not destroy session if there are outstanding connections
    (git-fixes).
  * scsi: iscsi: Do not put host in iscsi_set_flashnode_param() (git-fixes).
  * scsi: iscsi: Do not send data to unbound connection (git-fixes).
  * scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj (git-fixes).
  * scsi: iscsi: Fix shost->max_id use (git-fixes).
  * scsi: iscsi: Report unbind session event when the target has been removed
    (git-fixes).
  * scsi: iscsi: Unblock session then wake up error handler (git-fixes).
  * scsi: libfc: Fix a format specifier (git-fixes).
  * scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
  * scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
    (git-fixes).
  * scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (git-fixes).
  * scsi: libsas: Add LUN number check in .slave_alloc callback (git-fixes).
  * scsi: megaraid: Fix error check return value of register_chrdev() (git-
    fixes).
  * scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() (git-
    fixes).
  * scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
    (git-fixes).
  * scsi: megaraid_sas: Fix double kfree() (git-fixes).
  * scsi: megaraid_sas: Fix resource leak in case of probe failure (git-fixes).
  * scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs (git-
    fixes).
  * scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan (git-
    fixes).
  * scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
  * scsi: mpt3sas: Block PCI config access from userspace during reset (git-
    fixes).
  * scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
    (git-fixes).
  * scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (git-fixes).
  * scsi: mpt3sas: Increase IOCInit request timeout to 30s (git-fixes).
  * scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
  * scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
  * scsi: mvumi: Fix error return in mvumi_io_attach() (git-fixes).
  * scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
  * scsi: myrs: Fix crash in error case (git-fixes).
  * scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
  * scsi: pm: Balance pm_only counter of request queue during system resume
    (git-fixes).
  * scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
  * scsi: qedf: Add check to synchronize abort and flush (git-fixes).
  * scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
  * scsi: qedf: Fix refcount issue when LOGO is received during TMF (git-fixes).
  * scsi: qedf: Return SUCCESS if stale rport is encountered (git-fixes).
  * scsi: qedi: Fix failed disconnect handling (git-fixes).
  * scsi: qedi: Fix list_del corruption while removing active I/O (git-fixes).
  * scsi: qedi: Fix null ref during abort handling (git-fixes).
  * scsi: qedi: Protect active command list to avoid list corruption (git-
    fixes).
  * scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438
    bsc#1206103).
  * scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
  * scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).
  * scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (git-
    fixes).
  * scsi: scsi_debug: num_tgts must be >= 0 (git-fixes).
  * scsi: scsi_dh_alua: Check for negative result value (git-fixes).
  * scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() (git-fixes).
  * scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() (git-fixes).
  * scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (git-fixes).
  * scsi: scsi_transport_spi: Fix function pointer check (git-fixes).
  * scsi: scsi_transport_spi: Set RQF_PM for domain validation commands (git-
    fixes).
  * scsi: sd: Free scsi_disk device via put_device() (git-fixes).
  * scsi: sd: Suppress spurious errors when WRITE SAME is being disabled (git-
    fixes).
  * scsi: ses: Fix unsigned comparison with less than zero (git-fixes).
  * scsi: ses: Retry failed Send/Receive Diagnostic commands (git-fixes).
  * scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
  * scsi: sr: Do not use GFP_DMA (git-fixes).
  * scsi: sr: Fix sr_probe() missing deallocate of device minor (git-fixes).
  * scsi: sr: Return appropriate error code when disk is ejected (git-fixes).
  * scsi: sr: Return correct event when media event code is 3 (git-fixes).
  * scsi: st: Fix a use after free in st_open() (git-fixes).
  * scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk
    ->poweroff() (git-fixes).
  * scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices (git-fixes).
  * scsi: ufs: Clean up completed request without interrupt notification (git-
    fixes).
  * scsi: ufs: Fix a race condition in the tracing code (git-fixes).
  * scsi: ufs: Fix error handing during hibern8 enter (git-fixes).
  * scsi: ufs: Fix illegal offset in UPIU event trace (git-fixes).
  * scsi: ufs: Fix interrupt error message for shared interrupts (git-fixes).
  * scsi: ufs: Fix irq return code (git-fixes).
  * scsi: ufs: Fix possible infinite loop in ufshcd_hold (git-fixes).
  * scsi: ufs: Fix tm request when non-fatal error happens (git-fixes).
  * scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold() (git-
    fixes).
  * scsi: ufs: Fix up auto hibern8 enablement (git-fixes).
  * scsi: ufs: Fix wrong print message in dev_err() (git-fixes).
  * scsi: ufs: Improve interrupt handling for shared interrupts (git-fixes).
  * scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
    (git-fixes).
  * scsi: ufs: Make ufshcd_add_command_trace() easier to read (git-fixes).
  * scsi: ufs: delete redundant function ufshcd_def_desc_sizes() (git-fixes).
  * scsi: ufs: fix potential bug which ends in system hang (git-fixes).
  * scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
    (git-fixes).
  * scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" (git-
    fixes).
  * scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
  * scsi: vmw_pvscsi: Set correct residual data length (git-fixes).
  * scsi: vmw_pvscsi: Set residual data length conditionally (git-fixes).
  * sctp: fail if no bound addresses can be used for a given scope
    (bsc#1206677).
  * sctp: sysctl: make extra pointers netns aware (bsc#1204760).
  * update patches.suse/net-mlx5-Allocate-individual-capability (bsc#1195175).
  * update patches.suse/net-mlx5-Dynamically-resize-flow-counters-query-buff
    (bsc#1195175).
  * update patches.suse/net-mlx5-Fix-flow-counters-SF-bulk-query-len
    (bsc#1195175).
  * update patches.suse/net-mlx5-Reduce-flow-counters-bulk-query-buffer-size
    (bsc#1195175).
  * update patches.suse/net-mlx5-Reorganize-current-and-maximal-capabilities
    (bsc#1195175).
  * update patches.suse/net-mlx5-Use-order-0-allocations-for-EQs (bsc#1195175).
    Fixed bugzilla reference.
  * vmxnet3: move rss code block under eop descriptor (bsc#1208212).
  * watchdog: diag288_wdt: do not use stack buffers for hardware data
    (bsc#1207497).
  * watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Real Time Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2023-779=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-779=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-779=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-779=1

## Package List:

  * SUSE Real Time Module 15-SP3 (x86_64)
    * ocfs2-kmp-rt-5.3.18-150300.121.1
    * kernel-rt-devel-debuginfo-5.3.18-150300.121.1
    * kernel-rt-devel-5.3.18-150300.121.1
    * kernel-syms-rt-5.3.18-150300.121.1
    * cluster-md-kmp-rt-debuginfo-5.3.18-150300.121.1
    * gfs2-kmp-rt-5.3.18-150300.121.1
    * kernel-rt-debugsource-5.3.18-150300.121.1
    * kernel-rt_debug-debugsource-5.3.18-150300.121.1
    * dlm-kmp-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt_debug-debuginfo-5.3.18-150300.121.1
    * kernel-rt_debug-devel-5.3.18-150300.121.1
    * ocfs2-kmp-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt_debug-devel-debuginfo-5.3.18-150300.121.1
    * gfs2-kmp-rt-debuginfo-5.3.18-150300.121.1
    * cluster-md-kmp-rt-5.3.18-150300.121.1
    * dlm-kmp-rt-5.3.18-150300.121.1
  * SUSE Real Time Module 15-SP3 (noarch)
    * kernel-devel-rt-5.3.18-150300.121.1
    * kernel-source-rt-5.3.18-150300.121.1
  * SUSE Real Time Module 15-SP3 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.121.1
  * SUSE Real Time Module 15-SP3 (nosrc)
    * kernel-rt_debug-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt-debugsource-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt-debugsource-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.121.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.121.1
    * kernel-rt-debugsource-5.3.18-150300.121.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-3606.html
  * https://www.suse.com/security/cve/CVE-2022-36280.html
  * https://www.suse.com/security/cve/CVE-2022-38096.html
  * https://www.suse.com/security/cve/CVE-2022-47929.html
  * https://www.suse.com/security/cve/CVE-2023-0045.html
  * https://www.suse.com/security/cve/CVE-2023-0179.html
  * https://www.suse.com/security/cve/CVE-2023-0266.html
  * https://www.suse.com/security/cve/CVE-2023-0590.html
  * https://www.suse.com/security/cve/CVE-2023-0597.html
  * https://www.suse.com/security/cve/CVE-2023-1076.html
  * https://www.suse.com/security/cve/CVE-2023-1095.html
  * https://www.suse.com/security/cve/CVE-2023-1118.html
  * https://www.suse.com/security/cve/CVE-2023-1195.html
  * https://www.suse.com/security/cve/CVE-2023-22995.html
  * https://www.suse.com/security/cve/CVE-2023-22998.html
  * https://www.suse.com/security/cve/CVE-2023-23000.html
  * https://www.suse.com/security/cve/CVE-2023-23004.html
  * https://www.suse.com/security/cve/CVE-2023-23006.html
  * https://www.suse.com/security/cve/CVE-2023-23559.html
  * https://www.suse.com/security/cve/CVE-2023-25012.html
  * https://www.suse.com/security/cve/CVE-2023-26545.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1186449
  * https://bugzilla.suse.com/show_bug.cgi?id=1203331
  * https://bugzilla.suse.com/show_bug.cgi?id=1203332
  * https://bugzilla.suse.com/show_bug.cgi?id=1203693
  * https://bugzilla.suse.com/show_bug.cgi?id=1204502
  * https://bugzilla.suse.com/show_bug.cgi?id=1204760
  * https://bugzilla.suse.com/show_bug.cgi?id=1205149
  * https://bugzilla.suse.com/show_bug.cgi?id=1206351
  * https://bugzilla.suse.com/show_bug.cgi?id=1206677
  * https://bugzilla.suse.com/show_bug.cgi?id=1206784
  * https://bugzilla.suse.com/show_bug.cgi?id=1207034
  * https://bugzilla.suse.com/show_bug.cgi?id=1207051
  * https://bugzilla.suse.com/show_bug.cgi?id=1207134
  * https://bugzilla.suse.com/show_bug.cgi?id=1207186
  * https://bugzilla.suse.com/show_bug.cgi?id=1207237
  * https://bugzilla.suse.com/show_bug.cgi?id=1207497
  * https://bugzilla.suse.com/show_bug.cgi?id=1207508
  * https://bugzilla.suse.com/show_bug.cgi?id=1207560
  * https://bugzilla.suse.com/show_bug.cgi?id=1207773
  * https://bugzilla.suse.com/show_bug.cgi?id=1207795
  * https://bugzilla.suse.com/show_bug.cgi?id=1207845
  * https://bugzilla.suse.com/show_bug.cgi?id=1207875
  * https://bugzilla.suse.com/show_bug.cgi?id=1207878
  * https://bugzilla.suse.com/show_bug.cgi?id=1208212
  * https://bugzilla.suse.com/show_bug.cgi?id=1208599
  * https://bugzilla.suse.com/show_bug.cgi?id=1208700
  * https://bugzilla.suse.com/show_bug.cgi?id=1208741
  * https://bugzilla.suse.com/show_bug.cgi?id=1208776
  * https://bugzilla.suse.com/show_bug.cgi?id=1208816
  * https://bugzilla.suse.com/show_bug.cgi?id=1208837
  * https://bugzilla.suse.com/show_bug.cgi?id=1208845
  * https://bugzilla.suse.com/show_bug.cgi?id=1208971
  * https://bugzilla.suse.com/show_bug.cgi?id=1209008

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230316/f5fd5861/attachment.htm>


More information about the sle-security-updates mailing list