SUSE-SU-2023:4058-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Oct 12 12:46:38 UTC 2023
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4058-1
Rating: important
References:
* #1065729
* #1152472
* #1187236
* #1201284
* #1202845
* #1206453
* #1208995
* #1210169
* #1210643
* #1210658
* #1212639
* #1212703
* #1213123
* #1213534
* #1213808
* #1214022
* #1214037
* #1214040
* #1214233
* #1214351
* #1214479
* #1214543
* #1214635
* #1214813
* #1214873
* #1214928
* #1214940
* #1214941
* #1214942
* #1214943
* #1214944
* #1214945
* #1214946
* #1214947
* #1214948
* #1214949
* #1214950
* #1214951
* #1214952
* #1214953
* #1214954
* #1214955
* #1214957
* #1214958
* #1214959
* #1214961
* #1214962
* #1214963
* #1214964
* #1214965
* #1214966
* #1214967
* #1214986
* #1214988
* #1214990
* #1214991
* #1214992
* #1214993
* #1214995
* #1214997
* #1214998
* #1215115
* #1215117
* #1215123
* #1215124
* #1215148
* #1215150
* #1215221
* #1215275
* #1215322
* #1215467
* #1215523
* #1215581
* #1215752
* #1215858
* #1215860
* #1215861
* #1215875
* #1215877
* #1215894
* #1215895
* #1215896
* #1215899
* #1215911
* #1215915
* #1215916
* #1215941
* #1215956
* #1215957
* PED-1549
* PED-2023
* PED-2025
Cross-References:
* CVE-2023-1192
* CVE-2023-1206
* CVE-2023-1859
* CVE-2023-2177
* CVE-2023-37453
* CVE-2023-39192
* CVE-2023-39193
* CVE-2023-39194
* CVE-2023-40283
* CVE-2023-4155
* CVE-2023-42753
* CVE-2023-42754
* CVE-2023-4389
* CVE-2023-4622
* CVE-2023-4623
* CVE-2023-4881
* CVE-2023-4921
* CVE-2023-5345
CVSS scores:
* CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1206 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1206 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1859 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-1859 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2177 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-37453 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-37453 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-39192 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-39192 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
* CVE-2023-39193 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-39193 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-39194 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39194 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-40283 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-40283 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4155 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-4155 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-42753 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-42754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-42754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4389 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2023-4389 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4623 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-4921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4921 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5345 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 18 vulnerabilities, contains three features and has 71
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858).
* CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem
(bsc#1215860).
* CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem
(bsc#1215861).
* CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that
could lead to denial of service (bsc#1215467).
* CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that
could be exploited in order to leak internal kernel information or crash the
system (bsc#1214351).
* CVE-2023-5345: fixed an use-after-free vulnerability in the fs/smb/client
component which could be exploited to achieve local privilege escalation
(bsc#1215899).
* CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter
subsystem. This issue may have allowed a local user to crash the system or
potentially escalate their privileges (bsc#1215150).
* CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup
table which could be exploited by network adjacent attackers, increasing CPU
usage by 95% (bsc#1212703).
* CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network
scheduler which could be exploited to achieve local privilege escalatio
(bsc#1215275).
* CVE-2023-37453: Fixed oversight in SuperSpeed initialization (bsc#1213123).
* CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain
sockets component which could be exploited to achieve local privilege
escalation (bsc#1215117).
* CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler
which could be exploited to achieve local privilege escalation
(bsc#1215115).
* CVE-2023-4155: Fixed a flaw in KVM AMD Secure Encrypted Virtualization
(SEV). An attacker can trigger a stack overflow and cause a denial of
service or potentially guest-to-host escape in kernel configurations without
stack guard pages (bsc#1214022).
* CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which
could be exploited to crash the system (bsc#1210169).
* CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221).
* CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network
protocol which could allow a user to crash the system (bsc#1210643).
* CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233).
* CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread()
(bsc#1208995).
The following non-security bugs were fixed:
* ALSA: hda/cirrus: Fix broken audio on hardware with two CS42L42 codecs (git-
fixes).
* ALSA: hda/realtek: Splitting the UX3402 into two separate models (git-
fixes).
* ARM: pxa: remove use of symbol_get() (git-fixes).
* ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was
successful (git-fixes).
* ASoC: amd: yc: Fix non-functional mic on Lenovo 82QF and 82UG (git-fixes).
* ASoC: hdaudio.c: Add missing check for devm_kstrdup (git-fixes).
* ASoC: imx-audmix: Fix return error with devm_clk_get() (git-fixes).
* ASoC: meson: spdifin: start hw on dai probe (git-fixes).
* ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode (git-
fixes).
* ASoC: rt5640: Fix sleep in atomic context (git-fixes).
* ASoC: rt5640: Revert "Fix sleep in atomic context" (git-fixes).
* ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol (git-fixes).
* ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates (git-fixes).
* Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
condition (git-fixes).
* Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the
paravisor (bsc#1206453).
* Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM
(bsc#1206453).
* Drivers: hv: vmbus: Support fully enlightened TDX guests (bsc#1206453).
* Drop amdgpu patch causing spamming (bsc#1215523).
* Input: tca6416-keypad - fix interrupt enable disbalance (git-fixes).
* KVM: SVM: Remove a duplicate definition of VMCB_AVIC_APIC_BAR_MASK (git-
fixes).
* KVM: VMX: Fix header file dependency of asm/vmx.h (git-fixes).
* KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler
(git-fixes bsc#1215911).
* KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes (git-fixes
bsc#1215915).
* KVM: s390: interrupt: use READ_ONCE() before cmpxchg() (git-fixes
bsc#1215896).
* KVM: s390: pv: fix external interruption loop not always detected (git-fixes
bsc#1215916).
* KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
(git-fixes bsc#1215894).
* KVM: s390: vsie: fix the length of APCB bitmap (git-fixes bsc#1215895).
* KVM: x86/mmu: Include mmu.h in spte.h (git-fixes).
* KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues (git-fixes).
* NFS/pNFS: Report EINVAL errors from connect() to the server (git-fixes).
* NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN (git-
fixes).
* NFSD: da_addr_body field missing in some GETDEVICEINFO replies (git-fixes).
* NFSv4.2: fix error handling in nfs42_proc_getxattr (git-fixes).
* NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ (git-fixes).
* NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (git-fixes).
* NFSv4: Fix dropped lock for racing OPEN and delegation return (git-fixes).
* NFSv4: fix out path in __nfs4_get_acl_uncached (git-fixes).
* PCI: Free released resource after coalescing (git-fixes).
* RDMA/siw: Fabricate a GID on tun and loopback devices (git-fixes)
* Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset" (git-fixes).
* Revert "scsi: qla2xxx: Fix buffer overrun" (bsc#1214928).
* SUNRPC: Mark the cred for revalidation if the server rejects it (git-fixes).
* USB: serial: option: add FOXCONN T99W368/T99W373 product (git-fixes).
* USB: serial: option: add Quectel EM05G variant (0x030e) (git-fixes).
* arm64/fpsimd: Only provide the length to cpufeature for xCR registers (git-
fixes)
* arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing
(bsc#1206453).
* arm64: csum: Fix OoB access in IP checksum code for negative lengths (git-
fixes).
* arm64: module-plts: inline linux/moduleloader.h (git-fixes)
* arm64: module: Use module_init_layout_section() to spot init sections (git-
fixes)
* arm64: sdei: abort running SDEI handlers during crash (git-fixes)
* arm64: tegra: Update AHUB clock parent and rate (git-fixes)
* ata: libata: disallow dev-initiated LPM transitions to unsupported states
(git-fixes).
* ata: pata_falcon: fix IO base selection for Q40 (git-fixes).
* ata: pata_ftide010: Add missing MODULE_DESCRIPTION (git-fixes).
* ata: sata_gemini: Add missing MODULE_DESCRIPTION (git-fixes).
* backlight: gpio_backlight: Drop output GPIO direction check for initial
power state (git-fixes).
* blacklist.conf: workqueue: compiler warning on 32-bit systems with Clang
(bsc#1215877)
* blk-iocost: fix divide by 0 error in calc_lcoefs() (bsc#1214986).
* blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
(bsc#1214992).
* block/mq-deadline: use correct way to throttling write requests
(bsc#1214993).
* bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322).
* bpf: Clear the probe_addr for uprobe (git-fixes).
* btrfs: do not hold CPU for too long when defragging a file (bsc#1214988).
* clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp
enlightened guest (bsc#1206453).
* drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP
enlightened guest (bsc#1206453).
* drm/amd/display: Add smu write msg id fail retry process (git-fixes).
* drm/amd/display: Remove wait while locked (git-fixes).
* drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma (git-
fixes).
* drm/amd/display: fix the white screen issue when >= 64GB DRAM (git-fixes).
* drm/amd/display: prevent potential division by zero errors (git-fixes).
* drm/amd/display: register edp_backlight_control() for DCN301 (git-fixes).
* drm/ast: Add BMC virtual connector (bsc#1152472) Backporting changes: *
rename ast_device to ast_private
* drm/ast: report connection status on Display Port. (bsc#1152472) Backporting
changes: * rename ast_device to ast_private * context changes
* drm/display: Do not assume dual mode adaptors support i2c sub-addressing
(bsc#1213808).
* drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt() (git-fixes).
* drm/i915/gvt: Put the page reference obtained by KVM's gfn_to_pfn() (git-
fixes).
* drm/i915/gvt: Verify pfn is "valid" before dereferencing "struct page" (git-
fixes).
* drm/i915: mark requests for GuC virtual engines to avoid use-after-free
(git-fixes).
* drm/meson: fix memory leak on ->hpd_notify callback (git-fixes).
* drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling (git-fixes).
* drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
(git-fixes).
* drm: gm12u320: Fix the timeout usage for usb_bulk_msg() (git-fixes).
* ext4: Remove ext4 locking of moved directory (bsc#1214957).
* ext4: avoid potential data overflow in next_linear_group (bsc#1214951).
* ext4: correct inline offset when handling xattrs in inode body
(bsc#1214950).
* ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}
(bsc#1214954).
* ext4: fix wrong unit use in ext4_mb_clear_bb (bsc#1214943).
* ext4: fix wrong unit use in ext4_mb_new_blocks (bsc#1214944).
* ext4: get block from bh in ext4_free_blocks for fast commit replay
(bsc#1214942).
* ext4: reflect error codes from ext4_multi_mount_protect() to its callers
(bsc#1214941).
* ext4: set goal start correctly in ext4_mb_normalize_request (bsc#1214940).
* fs: Establish locking order for unrelated directories (bsc#1214958).
* fs: Lock moved directories (bsc#1214959).
* fs: do not update freeing inode i_io_list (bsc#1214813).
* fs: lockd: avoid possible wrong NULL parameter (git-fixes).
* fs: no need to check source (bsc#1215752).
* fs: record I_DIRTY_TIME even if inode already has I_DIRTY_INODE
(bsc#1214813).
* fuse: nlookup missing decrement in fuse_direntplus_link (bsc#1215581).
* gve: Add AF_XDP zero-copy support for GQI-QPL format (bsc#1214479).
* gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).
* gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).
* gve: Changes to add new TX queues (bsc#1214479).
* gve: Control path for DQO-QPL (bsc#1214479).
* gve: Fix gve interrupt names (bsc#1214479).
* gve: RX path for DQO-QPL (bsc#1214479).
* gve: Tx path for DQO-QPL (bsc#1214479).
* gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).
* gve: XDP support GQI-QPL: helper function changes (bsc#1214479).
* gve: fix frag_list chaining (bsc#1214479).
* gve: trivial spell fix Recive to Receive (bsc#1214479).
* gve: use vmalloc_array and vcalloc (bsc#1214479).
* hwrng: virtio - Fix race on data_avail and actual data (git-fixes).
* hwrng: virtio - add an internal buffer (git-fixes).
* hwrng: virtio - always add a pending request (git-fixes).
* hwrng: virtio - do not wait on cleanup (git-fixes).
* hwrng: virtio - do not waste entropy (git-fixes).
* i2c: aspeed: Reset the i2c controller when timeout occurs (git-fixes).
* i3c: master: svc: fix probe failure when no i3c device exist (git-fixes).
* i915/pmu: Move execlist stats initialization to execlist specific setup
(git-fixes).
* idr: fix param name in idr_alloc_cyclic() doc (git-fixes).
* iommu/virtio: Detach domain on endpoint release (git-fixes).
* iommu/virtio: Return size mapped for a detached domain (git-fixes).
* jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
(bsc#1214948).
* jbd2: check 'jh->b_transaction' before removing it from checkpoint
(bsc#1214953).
* jbd2: correct the end of the journal recovery scan range (bsc#1214955).
* jbd2: fix a race when checking checkpoint buffer busy (bsc#1214949).
* jbd2: fix checkpoint cleanup performance regression (bsc#1214952).
* jbd2: recheck chechpointing non-dirty buffer (bsc#1214945).
* jbd2: remove journal_clean_one_cp_list() (bsc#1214947).
* jbd2: remove t_checkpoint_io_list (bsc#1214946).
* jbd2: restore t_checkpoint_io_list to maintain kABI (bsc#1214946).
* kabi/severities: ignore mlx4 internal symbols
* s390/ipl: add support for List-Directed dump from ECKD DASD (jsc#PED-2023,
jsc#PED-2025).
* kconfig: fix possible buffer overflow (git-fixes).
* kernel-binary: Move build-time definitions together Move source list and
build architecture to buildrequires to aid in future reorganization of the
spec template.
* kernel-binary: python3 is needed for build At least
scripts/bpf_helpers_doc.py requires python3 since Linux 4.18 Other simimlar
scripts may exist.
* kselftest/runner.sh: Propagate SIGTERM to runner child (git-fixes).
* loop: Fix use-after-free issues (bsc#1214991).
* loop: loop_set_status_from_info() check before assignment (bsc#1214990).
* mlx4: Avoid resetting MLX4_INTFF_BONDING per driver (bsc#1187236).
* mlx4: Connect the ethernet part to the auxiliary bus (bsc#1187236).
* mlx4: Connect the infiniband part to the auxiliary bus (bsc#1187236).
* mlx4: Delete custom device management logic (bsc#1187236).
* mlx4: Get rid of the mlx4_interface.activate callback (bsc#1187236).
* mlx4: Get rid of the mlx4_interface.get_dev callback (bsc#1187236).
* mlx4: Move the bond work to the core driver (bsc#1187236).
* mlx4: Register mlx4 devices to an auxiliary virtual bus (bsc#1187236).
* mlx4: Rename member mlx4_en_dev.nb to netdev_nb (bsc#1187236).
* mlx4: Replace the mlx4_interface.event callback with a notifier
(bsc#1187236).
* mlx4: Use 'void *' as the event param of mlx4_dispatch_event()
(bsc#1187236).
* module: Expose module_init_layout_section() (git-fixes)
* net/mlx4: Remove many unnecessary NULL values (bsc#1187236).
* net: do not allow gso_size to be set to GSO_BY_FRAGS (git-fixes).
* net: mana: Add page pool for RX buffers (bsc#1214040).
* net: mana: Configure hwc timeout from hardware (bsc#1214037).
* net: phy: micrel: Correct bit assignments for phy_device flags (git-fixes).
* net: usb: qmi_wwan: add Quectel EM05GV2 (git-fixes).
* nfs/blocklayout: Use the passed in gfp flags (git-fixes).
* nfsd: Fix race to FREE_STATEID and cl_revoked (git-fixes).
* nfsd: fix change_info in NFSv4 RENAME replies (git-fixes).
* ntb: Clean up tx tail index on link down (git-fixes).
* ntb: Drop packets when qp link is down (git-fixes).
* ntb: Fix calculation ntb_transport_tx_free_entry() (git-fixes).
* nvme-auth: use chap->s2 to indicate bidirectional authentication
(bsc#1214543).
* nvme-tcp: Do not terminate commands when in RESETTING (bsc#1201284).
* nvme-tcp: add recovery_delay to sysfs (bsc#1201284).
* nvme-tcp: delay error recovery until the next KATO interval (bsc#1201284).
* nvme-tcp: make 'err_work' a delayed work (bsc#1201284).
* pNFS: Fix assignment of xprtdata.cred (git-fixes).
* platform/mellanox: mlxbf-pmc: Fix potential buffer overflows (git-fixes).
* platform/mellanox: mlxbf-pmc: Fix reading of unprogrammed events (git-
fixes).
* platform/mellanox: mlxbf-tmfifo: Drop jumbo frames (git-fixes).
* platform/mellanox: mlxbf-tmfifo: Drop the Rx packet if no more descriptors
(git-fixes).
* platform/x86: intel_scu_ipc: Check status after timeout in busy_loop() (git-
fixes).
* platform/x86: intel_scu_ipc: Check status upon timeout in
ipc_wait_for_interrupt() (git-fixes).
* platform/x86: intel_scu_ipc: Do not override scu in
intel_scu_ipc_dev_simple_command() (git-fixes).
* platform/x86: intel_scu_ipc: Fail IPC send if still busy (git-fixes).
* powerpc/fadump: make is_kdump_kernel() return false when fadump is active
(bsc#1212639 ltc#202582).
* powerpc/iommu: Fix notifiers being shared by PCI and VIO buses
(bsc#1065729).
* powerpc/xics: Remove unnecessary endian conversion (bsc#1065729).
* printk: ringbuffer: Fix truncating buffer size min_t cast (bsc#1215875).
* pwm: lpc32xx: Remove handling of PWM channels (git-fixes).
* quota: Properly disable quotas when add_dquot_ref() fails (bsc#1214961).
* quota: add new helper dquot_active() (bsc#1214998).
* quota: factor out dquot_write_dquot() (bsc#1214995).
* quota: fix dqput() to follow the guarantees dquot_srcu should provide
(bsc#1214963).
* quota: fix warning in dqgrab() (bsc#1214962).
* quota: rename dquot_active() to inode_quota_active() (bsc#1214997).
* s390/dasd: fix hanging device after request requeue (git-fixes bsc#1215124).
* s390/qeth: Do not call dev_close/dev_open (DOWN/UP) (bsc#1214873 git-fixes).
* s390/zcrypt: do not leak memory if dev_set_name() fails (git-fixes
bsc#1215148).
* s390: add z16 elf platform (git-fixes bsc#1215956, bsc#1215957).
* scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
(git-fixes).
* scsi: 53c700: Check that command slot is not NULL (git-fixes).
* scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
* scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: fnic: Replace return codes in fnic_clean_pending_aborts() (git-fixes).
* scsi: lpfc: Do not abuse UUID APIs and LPFC_COMPRESS_VMID_SIZE (git-fixes).
* scsi: lpfc: Early return after marking final NLP_DROPPED flag in
dev_loss_tmo (git-fixes).
* scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-
fixes).
* scsi: lpfc: Modify when a node should be put in device recovery mode during
RSCN (git-fixes).
* scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports
(git-fixes).
* scsi: lpfc: Remove reftag check in DIF paths (git-fixes).
* scsi: qedf: Add synchronization between I/O completions and abort
(bsc#1210658).
* scsi: qedf: Fix NULL dereference in error handling (git-fixes).
* scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qla2xxx: Add logs for SFP temperature monitoring (bsc#1214928).
* scsi: qla2xxx: Allow 32-byte CDBs (bsc#1214928).
* scsi: qla2xxx: Error code did not return to upper layer (bsc#1214928).
* scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() (git-
fixes).
* scsi: qla2xxx: Fix firmware resource tracking (bsc#1214928).
* scsi: qla2xxx: Fix smatch warn for qla_init_iocb_limit() (bsc#1214928).
* scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1214928).
* scsi: qla2xxx: Move resource to allow code reuse (bsc#1214928).
* scsi: qla2xxx: Remove unsupported ql2xenabledif option (bsc#1214928).
* scsi: qla2xxx: Remove unused declarations (bsc#1214928).
* scsi: qla2xxx: Remove unused variables in qla24xx_build_scsi_type_6_iocbs()
(bsc#1214928).
* scsi: qla2xxx: Update version to 10.02.09.100-k (bsc#1214928).
* scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()
(git-fixes).
* scsi: scsi_debug: Remove dead code (git-fixes).
* scsi: snic: Fix double free in snic_tgt_create() (git-fixes).
* scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: storvsc: Handle additional SRB status values (git-fixes).
* scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1215941).
* selftests: mlxsw: Fix test failure on Spectrum-4 (jsc#PED-1549).
* selftests: tracing: Fix to unmount tracefs for recovering environment (git-
fixes).
* spi: Add TPM HW flow flag (bsc#1213534)
* spi: tegra210-quad: Enable TPM wait polling (bsc#1213534)
* spi: tegra210-quad: set half duplex flag (bsc#1213534)
* tcpm: Avoid soft reset when partner does not support get_status (git-fixes).
* tpm_tis_spi: Add hardware wait polling (bsc#1213534)
* tracing: Fix race issue between cpu buffer write and swap (git-fixes).
* tracing: Remove extra space at the end of hwlat_detector/mode (git-fixes).
* tracing: Remove unnecessary copying of tr->current_trace (git-fixes).
* uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ (git-fixes).
* udf: Fix extension of the last extent in the file (bsc#1214964).
* udf: Fix file corruption when appending just after end of preallocated
extent (bsc#1214965).
* udf: Fix off-by-one error when discarding preallocation (bsc#1214966).
* udf: Fix uninitialized array access for some pathnames (bsc#1214967).
* uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix (git-fixes).
* usb: ehci: add workaround for chipidea PORTSC.PEC bug (git-fixes).
* usb: ehci: move new member has_ci_pec_bug into hole (git-fixes).
* usb: typec: tcpci: clear the fault status bit (git-fixes).
* usb: typec: tcpci: move tcpci.h to include/linux/usb/ (git-fixes).
* vhost-scsi: unbreak any layout for response (git-fixes).
* vhost: allow batching hint without size (git-fixes).
* vhost: fix hung thread due to erroneous iotlb entries (git-fixes).
* vhost: handle error while adding split ranges to iotlb (git-fixes).
* vhost_vdpa: fix the crash in unmap a large memory (git-fixes).
* virtio-blk: set req->state to MQ_RQ_COMPLETE after polling I/O is finished
(git-fixes).
* virtio-mmio: do not break lifecycle of vm_dev (git-fixes).
* virtio-net: fix race between set queues and probe (git-fixes).
* virtio-net: set queues after driver_ok (git-fixes).
* virtio-rng: make device ready before making request (git-fixes).
* virtio: acknowledge all features before access (git-fixes).
* virtio_net: Fix probe failed when modprobe virtio_net (git-fixes).
* virtio_net: add checking sq is full inside xdp xmit (git-fixes).
* virtio_net: reorder some funcs (git-fixes).
* virtio_net: separate the logic of checking whether sq is full (git-fixes).
* virtio_ring: fix avail_wrap_counter in virtqueue_add_packed (git-fixes).
* vmcore: remove dependency with is_kdump_kernel() for exporting vmcore
(bsc#1212639 ltc#202582).
* watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load (git-fixes).
* word-at-a-time: use the same return type for has_zero regardless of
endianness (bsc#1065729).
* x86/PVH: avoid 32-bit build warning when obtaining VGA console info (git-
fixes).
* x86/alternative: Fix race in try_get_desc() (git-fixes).
* x86/boot/e820: Fix typo in e820.c comment (git-fixes).
* x86/bugs: Reset speculation control settings on init (git-fixes).
* x86/coco: Allow CPU online/offline for a TDX VM with the paravisor on
Hyper-V (bsc#1206453).
* x86/coco: Export cc_vendor (bsc#1206453).
* x86/cpu: Add Lunar Lake M (git-fixes).
* x86/cpu: Add model number for Intel Arrow Lake processor (git-fixes).
* x86/fpu: Take task_struct* in copy_sigframe_from_user_to_xstate() (git-
fixes).
* x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (git-
fixes).
* x86/hyperv: Add VTL specific structs and hypercalls (bsc#1206453).
* x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests (bsc#1206453).
* x86/hyperv: Add hv_write_efer() for a TDX VM with the paravisor
(bsc#1206453).
* x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES
(bsc#1206453).
* x86/hyperv: Add missing 'inline' to hv_snp_boot_ap() stub (bsc#1206453).
* x86/hyperv: Add sev-snp enlightened guest static key (bsc#1206453)
* x86/hyperv: Add smp support for SEV-SNP guest (bsc#1206453).
* x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline
(bsc#1206453).
* x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests
(bsc#1206453).
* x86/hyperv: Fix undefined reference to isolation_type_en_snp without
CONFIG_HYPERV (bsc#1206453).
* x86/hyperv: Introduce a global variable hyperv_paravisor_present
(bsc#1206453).
* x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened
guest (bsc#1206453).
* x86/hyperv: Mark hv_ghcb_terminate() as noreturn (bsc#1206453).
* x86/hyperv: Move the code in ivm.c around to avoid unnecessary ifdef's
(bsc#1206453).
* x86/hyperv: Remove hv_isolation_type_en_snp (bsc#1206453).
* x86/hyperv: Set Virtual Trust Level in VMBus init message (bsc#1206453).
* x86/hyperv: Support hypercalls for fully enlightened TDX guests
(bsc#1206453).
* x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor
(bsc#1206453).
* x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
enlightened guest (bsc#1206453).
* x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (git-fixes).
* x86/ioapic: Do not return 0 from arch_dynirq_lower_bound() (git-fixes).
* x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-
fixes).
* x86/mce: Retrieve poison range from hardware (git-fixes).
* x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build (git-fixes).
* x86/mm: Avoid incomplete Global INVLPG flushes (git-fixes).
* x86/mm: Do not shuffle CPU entry areas without KASLR (git-fixes).
* x86/purgatory: remove PGO flags (git-fixes).
* x86/reboot: Disable virtualization in an emergency if SVM is supported (git-
fixes).
* x86/resctl: fix scheduler confusion with 'current' (git-fixes).
* x86/resctrl: Fix task CLOSID/RMID update race (git-fixes).
* x86/resctrl: Fix to restore to original value when re-enabling hardware
prefetch register (git-fixes).
* x86/rtc: Remove __init for runtime functions (git-fixes).
* x86/sev: Make enc_dec_hypercall() accept a size instead of npages
(bsc#1214635).
* x86/sgx: Reduce delay and interference of enclave release (git-fixes).
* x86/srso: Do not probe microcode in a guest (git-fixes).
* x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).
* x86/srso: Fix srso_show_state() side effect (git-fixes).
* x86/srso: Set CPUID feature bits independently of bug or mitigation status
(git-fixes).
* x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) (git-fixes).
* xen: remove a confusing comment on auto-translated guest I/O (git-fixes).
* xprtrdma: Remap Receive buffers after a reconnect (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-4058=1 SUSE-2023-4058=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-4058=1
## Package List:
* openSUSE Leap 15.5 (aarch64 x86_64)
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-debugsource-5.14.21-150500.33.20.1
* dlm-kmp-azure-5.14.21-150500.33.20.1
* reiserfs-kmp-azure-5.14.21-150500.33.20.1
* kernel-azure-devel-5.14.21-150500.33.20.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.20.1
* ocfs2-kmp-azure-5.14.21-150500.33.20.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.20.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.20.1
* kselftests-kmp-azure-5.14.21-150500.33.20.1
* gfs2-kmp-azure-5.14.21-150500.33.20.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* cluster-md-kmp-azure-5.14.21-150500.33.20.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-optional-5.14.21-150500.33.20.1
* kernel-syms-azure-5.14.21-150500.33.20.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-extra-5.14.21-150500.33.20.1
* kernel-azure-debuginfo-5.14.21-150500.33.20.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.20.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-vdso-5.14.21-150500.33.20.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-azure-5.14.21-150500.33.20.1
* kernel-devel-azure-5.14.21-150500.33.20.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.20.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-azure-debugsource-5.14.21-150500.33.20.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.20.1
* kernel-azure-devel-5.14.21-150500.33.20.1
* kernel-syms-azure-5.14.21-150500.33.20.1
* kernel-azure-debuginfo-5.14.21-150500.33.20.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-source-azure-5.14.21-150500.33.20.1
* kernel-devel-azure-5.14.21-150500.33.20.1
## References:
* https://www.suse.com/security/cve/CVE-2023-1192.html
* https://www.suse.com/security/cve/CVE-2023-1206.html
* https://www.suse.com/security/cve/CVE-2023-1859.html
* https://www.suse.com/security/cve/CVE-2023-2177.html
* https://www.suse.com/security/cve/CVE-2023-37453.html
* https://www.suse.com/security/cve/CVE-2023-39192.html
* https://www.suse.com/security/cve/CVE-2023-39193.html
* https://www.suse.com/security/cve/CVE-2023-39194.html
* https://www.suse.com/security/cve/CVE-2023-40283.html
* https://www.suse.com/security/cve/CVE-2023-4155.html
* https://www.suse.com/security/cve/CVE-2023-42753.html
* https://www.suse.com/security/cve/CVE-2023-42754.html
* https://www.suse.com/security/cve/CVE-2023-4389.html
* https://www.suse.com/security/cve/CVE-2023-4622.html
* https://www.suse.com/security/cve/CVE-2023-4623.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-4921.html
* https://www.suse.com/security/cve/CVE-2023-5345.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1152472
* https://bugzilla.suse.com/show_bug.cgi?id=1187236
* https://bugzilla.suse.com/show_bug.cgi?id=1201284
* https://bugzilla.suse.com/show_bug.cgi?id=1202845
* https://bugzilla.suse.com/show_bug.cgi?id=1206453
* https://bugzilla.suse.com/show_bug.cgi?id=1208995
* https://bugzilla.suse.com/show_bug.cgi?id=1210169
* https://bugzilla.suse.com/show_bug.cgi?id=1210643
* https://bugzilla.suse.com/show_bug.cgi?id=1210658
* https://bugzilla.suse.com/show_bug.cgi?id=1212639
* https://bugzilla.suse.com/show_bug.cgi?id=1212703
* https://bugzilla.suse.com/show_bug.cgi?id=1213123
* https://bugzilla.suse.com/show_bug.cgi?id=1213534
* https://bugzilla.suse.com/show_bug.cgi?id=1213808
* https://bugzilla.suse.com/show_bug.cgi?id=1214022
* https://bugzilla.suse.com/show_bug.cgi?id=1214037
* https://bugzilla.suse.com/show_bug.cgi?id=1214040
* https://bugzilla.suse.com/show_bug.cgi?id=1214233
* https://bugzilla.suse.com/show_bug.cgi?id=1214351
* https://bugzilla.suse.com/show_bug.cgi?id=1214479
* https://bugzilla.suse.com/show_bug.cgi?id=1214543
* https://bugzilla.suse.com/show_bug.cgi?id=1214635
* https://bugzilla.suse.com/show_bug.cgi?id=1214813
* https://bugzilla.suse.com/show_bug.cgi?id=1214873
* https://bugzilla.suse.com/show_bug.cgi?id=1214928
* https://bugzilla.suse.com/show_bug.cgi?id=1214940
* https://bugzilla.suse.com/show_bug.cgi?id=1214941
* https://bugzilla.suse.com/show_bug.cgi?id=1214942
* https://bugzilla.suse.com/show_bug.cgi?id=1214943
* https://bugzilla.suse.com/show_bug.cgi?id=1214944
* https://bugzilla.suse.com/show_bug.cgi?id=1214945
* https://bugzilla.suse.com/show_bug.cgi?id=1214946
* https://bugzilla.suse.com/show_bug.cgi?id=1214947
* https://bugzilla.suse.com/show_bug.cgi?id=1214948
* https://bugzilla.suse.com/show_bug.cgi?id=1214949
* https://bugzilla.suse.com/show_bug.cgi?id=1214950
* https://bugzilla.suse.com/show_bug.cgi?id=1214951
* https://bugzilla.suse.com/show_bug.cgi?id=1214952
* https://bugzilla.suse.com/show_bug.cgi?id=1214953
* https://bugzilla.suse.com/show_bug.cgi?id=1214954
* https://bugzilla.suse.com/show_bug.cgi?id=1214955
* https://bugzilla.suse.com/show_bug.cgi?id=1214957
* https://bugzilla.suse.com/show_bug.cgi?id=1214958
* https://bugzilla.suse.com/show_bug.cgi?id=1214959
* https://bugzilla.suse.com/show_bug.cgi?id=1214961
* https://bugzilla.suse.com/show_bug.cgi?id=1214962
* https://bugzilla.suse.com/show_bug.cgi?id=1214963
* https://bugzilla.suse.com/show_bug.cgi?id=1214964
* https://bugzilla.suse.com/show_bug.cgi?id=1214965
* https://bugzilla.suse.com/show_bug.cgi?id=1214966
* https://bugzilla.suse.com/show_bug.cgi?id=1214967
* https://bugzilla.suse.com/show_bug.cgi?id=1214986
* https://bugzilla.suse.com/show_bug.cgi?id=1214988
* https://bugzilla.suse.com/show_bug.cgi?id=1214990
* https://bugzilla.suse.com/show_bug.cgi?id=1214991
* https://bugzilla.suse.com/show_bug.cgi?id=1214992
* https://bugzilla.suse.com/show_bug.cgi?id=1214993
* https://bugzilla.suse.com/show_bug.cgi?id=1214995
* https://bugzilla.suse.com/show_bug.cgi?id=1214997
* https://bugzilla.suse.com/show_bug.cgi?id=1214998
* https://bugzilla.suse.com/show_bug.cgi?id=1215115
* https://bugzilla.suse.com/show_bug.cgi?id=1215117
* https://bugzilla.suse.com/show_bug.cgi?id=1215123
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215148
* https://bugzilla.suse.com/show_bug.cgi?id=1215150
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215275
* https://bugzilla.suse.com/show_bug.cgi?id=1215322
* https://bugzilla.suse.com/show_bug.cgi?id=1215467
* https://bugzilla.suse.com/show_bug.cgi?id=1215523
* https://bugzilla.suse.com/show_bug.cgi?id=1215581
* https://bugzilla.suse.com/show_bug.cgi?id=1215752
* https://bugzilla.suse.com/show_bug.cgi?id=1215858
* https://bugzilla.suse.com/show_bug.cgi?id=1215860
* https://bugzilla.suse.com/show_bug.cgi?id=1215861
* https://bugzilla.suse.com/show_bug.cgi?id=1215875
* https://bugzilla.suse.com/show_bug.cgi?id=1215877
* https://bugzilla.suse.com/show_bug.cgi?id=1215894
* https://bugzilla.suse.com/show_bug.cgi?id=1215895
* https://bugzilla.suse.com/show_bug.cgi?id=1215896
* https://bugzilla.suse.com/show_bug.cgi?id=1215899
* https://bugzilla.suse.com/show_bug.cgi?id=1215911
* https://bugzilla.suse.com/show_bug.cgi?id=1215915
* https://bugzilla.suse.com/show_bug.cgi?id=1215916
* https://bugzilla.suse.com/show_bug.cgi?id=1215941
* https://bugzilla.suse.com/show_bug.cgi?id=1215956
* https://bugzilla.suse.com/show_bug.cgi?id=1215957
* https://jira.suse.com/browse/PED-1549
* https://jira.suse.com/browse/PED-2023
* https://jira.suse.com/browse/PED-2025
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20231012/111930b7/attachment-0001.htm>
More information about the sle-security-updates
mailing list