<div class="container">
<h1>Security update for the Linux Kernel</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2023:3172-1</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1150305">#1150305</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1193629">#1193629</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1194869">#1194869</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207894">#1207894</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208788">#1208788</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211243">#1211243</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211867">#1211867</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212256">#1212256</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212301">#1212301</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212525">#1212525</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212846">#1212846</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212905">#1212905</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213059">#1213059</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213061">#1213061</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213205">#1213205</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213206">#1213206</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213226">#1213226</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213233">#1213233</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213245">#1213245</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213247">#1213247</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213252">#1213252</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213258">#1213258</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213259">#1213259</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213263">#1213263</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213264">#1213264</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213286">#1213286</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213493">#1213493</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213523">#1213523</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213524">#1213524</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213533">#1213533</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213543">#1213543</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213705">#1213705</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-20593.html">CVE-2023-20593</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-2985.html">CVE-2023-2985</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3117.html">CVE-2023-3117</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-31248.html">CVE-2023-31248</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3390.html">CVE-2023-3390</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-35001.html">CVE-2023-35001</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3812.html">CVE-2023-3812</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-20593</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.2</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-20593</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2985</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.4</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2985</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3117</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3117</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-31248</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-31248</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3390</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3390</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-35001</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-35001</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3812</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3812</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem Module 15-SP5</li>
<li class="list-group-item">Development Tools Module 15-SP5</li>
<li class="list-group-item">Legacy Module 15-SP5</li>
<li class="list-group-item">openSUSE Leap 15.5</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise High Availability Extension 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Live Patching 15-SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.5</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Workstation Extension 15 SP5</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves seven vulnerabilities, contains two features and has 25 fixes can now be installed.</p>
<h2>Description:</h2>
<p>The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes.</p>
<p>The following security bugs were fixed:</p>
<ul>
<li>CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).</li>
<li>CVE-2023-3117: Fixed an use-after-free vulnerability in the netfilter subsystem when processing named and anonymous sets in batch requests that could allow a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system (bsc#1213245).</li>
<li>CVE-2023-3390: Fixed an use-after-free vulnerability in the netfilter subsystem in net/netfilter/nf_tables_api.c that could allow a local attacker with user access to cause a privilege escalation issue (bsc#1212846).</li>
<li>CVE-2023-3812: Fixed an out-of-bounds memory access flaw in the TUN/TAP device driver functionality that could allow a local user to crash or potentially escalate their privileges on the system (bsc#1213543).</li>
<li>CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).</li>
<li>CVE-2023-31248: Fixed an use-after-free vulnerability in nft_chain_lookup_byid that could allow a local attacker to escalate their privilege (bsc#1213061).</li>
<li>CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059).</li>
</ul>
<p>The following non-security bugs were fixed:</p>
<ul>
<li>Dropped patch that caused issues with k3s (bsc#1213705).</li>
<li>ASoC: Intel: sof_sdw: remove SOF_SDW_TGL_HDMI for MeteorLake devices (git-fixes).</li>
<li>ASoC: SOF: topology: Fix logic for copying tuples (git-fixes).</li>
<li>Bluetooth: ISO: Fix CIG auto-allocation to select configurable CIG (git-fixes).</li>
<li>Bluetooth: ISO: consider right CIS when removing CIG at cleanup (git-fixes).</li>
<li>Bluetooth: ISO: fix iso_conn related locking and validity issues (git-fixes).</li>
<li>Bluetooth: ISO: use hci_sync for setting CIG parameters (git-fixes).</li>
<li>Bluetooth: fix invalid-bdaddr quirk for non-persistent setup (git-fixes).</li>
<li>Bluetooth: fix use-bdaddr-property quirk (git-fixes).</li>
<li>Bluetooth: hci_bcm: do not mark valid bd_addr as invalid (git-fixes).</li>
<li>Bluetooth: hci_event: call disconnect callback before deleting conn (git-fixes).</li>
<li>Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() (git-fixes).</li>
<li>Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync (git-fixes).</li>
<li>Enable NXP SNVS RTC driver for i.MX 8MQ/8MP (jsc#PED-4758)</li>
<li>PCI: s390: Fix use-after-free of PCI resources with per-function hotplug (bsc#1212525).</li>
<li>PCI: vmd: Fix uninitialized variable usage in vmd_enable_domain() (git-fixes).</li>
<li>Revert "arm64: dts: zynqmp: Add address-cells property to interrupt (git-fixes)</li>
<li>Revert "drm/i915: Disable DSB usage for now" (git-fixes).</li>
<li>USB: dwc2: Fix some error handling paths (git-fixes).</li>
<li>USB: gadget: udc: core: Offload usb_udc_vbus_handler processing (git-fixes).</li>
<li>USB: gadget: udc: core: Prevent soft_connect_store() race (git-fixes).</li>
<li>USB: typec: Fix fast_role_swap_current show function (git-fixes).</li>
<li>Update config and supported.conf files due to renaming.</li>
<li>acpi: Fix suspend with Xen PV (git-fixes).</li>
<li>adreno: Shutdown the GPU properly (git-fixes).</li>
<li>arm64/mm: mark private VM_FAULT_X defines as vm_fault_t (git-fixes)</li>
<li>arm64: dts: microchip: sparx5: do not use PSCI on reference boards (git-fixes)</li>
<li>arm64: vdso: Pass (void *) to virt_to_page() (git-fixes)</li>
<li>arm64: xor-neon: mark xor_arm64_neon_*() static (git-fixes)</li>
<li>can: bcm: Fix UAF in bcm_proc_show() (git-fixes).</li>
<li>ceph: add a dedicated private data for netfs rreq (bsc#1213205).</li>
<li>ceph: fix blindly expanding the readahead windows (bsc#1213206).</li>
<li>cifs: add a warning when the in-flight count goes negative (bsc#1193629).</li>
<li>cifs: address unused variable warning (bsc#1193629).</li>
<li>cifs: do all necessary checks for credits within or before locking (bsc#1193629).</li>
<li>cifs: fix lease break oops in xfstest generic/098 (bsc#1193629).</li>
<li>cifs: fix max_credits implementation (bsc#1193629).</li>
<li>cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1193629).</li>
<li>cifs: fix session state check in smb2_find_smb_ses (bsc#1193629).</li>
<li>cifs: fix session state transition to avoid use-after-free issue (bsc#1193629).</li>
<li>cifs: fix sockaddr comparison in iface_cmp (bsc#1193629).</li>
<li>cifs: fix status checks in cifs_tree_connect (bsc#1193629).</li>
<li>cifs: log session id when a matching ses is not found (bsc#1193629).</li>
<li>cifs: new dynamic tracepoint to track ses not found errors (bsc#1193629).</li>
<li>cifs: prevent use-after-free by freeing the cfile later (bsc#1193629).</li>
<li>cifs: print all credit counters in DebugData (bsc#1193629).</li>
<li>cifs: print client_guid in DebugData (bsc#1193629).</li>
<li>cifs: print more detail when invalidate_inode_mapping fails (bsc#1193629).</li>
<li>cifs: print nosharesock value while dumping mount options (bsc#1193629).</li>
<li>codel: fix kernel-doc notation warnings (git-fixes).</li>
<li>cpufreq: tegra194: Fix module loading (git-fixes).</li>
<li>devlink: fix kernel-doc notation warnings (git-fixes).</li>
<li>dma-buf/dma-resv: Stop leaking on krealloc() failure (git-fixes).</li>
<li>drm/amd/amdgpu: introduce gc_*_mes_2.bin v2 (git-fixes).</li>
<li>drm/amd/amdgpu: limit one queue per gang (git-fixes).</li>
<li>drm/amd/amdgpu: update mes11 api def (git-fixes).</li>
<li>drm/amd/display (gcc13): fix enum mismatch (git-fixes).</li>
<li>drm/amd/display: Add Z8 allow states to z-state support list (git-fixes).</li>
<li>drm/amd/display: Add debug option to skip PSR CRTC disable (git-fixes).</li>
<li>drm/amd/display: Add minimum Z8 residency debug option (git-fixes).</li>
<li>drm/amd/display: Add missing WA and MCLK validation (git-fixes).</li>
<li>drm/amd/display: Change default Z8 watermark values (git-fixes).</li>
<li>drm/amd/display: Correct DML calculation to align HW formula (git-fixes).</li>
<li>drm/amd/display: Correct DML calculation to follow HW SPEC (git-fixes).</li>
<li>drm/amd/display: Do not update DRR while BW optimizations pending (git-fixes).</li>
<li>drm/amd/display: Enable HostVM based on rIOMMU active (git-fixes).</li>
<li>drm/amd/display: Enforce 60us prefetch for 200Mhz DCFCLK modes (git-fixes).</li>
<li>drm/amd/display: Ensure vmin and vmax adjust for DCE (git-fixes).</li>
<li>drm/amd/display: Fix 4to1 MPC black screen with DPP RCO (git-fixes).</li>
<li>drm/amd/display: Fix Z8 support configurations (git-fixes).</li>
<li>drm/amd/display: Fix a test CalculatePrefetchSchedule() (git-fixes).</li>
<li>drm/amd/display: Fix a test dml32_rq_dlg_get_rq_reg() (git-fixes).</li>
<li>drm/amd/display: Have Payload Properly Created After Resume (git-fixes).</li>
<li>drm/amd/display: Lowering min Z8 residency time (git-fixes).</li>
<li>drm/amd/display: Reduce sdp bw after urgent to 90% (git-fixes).</li>
<li>drm/amd/display: Refactor eDP PSR codes (git-fixes).</li>
<li>drm/amd/display: Remove FPU guards from the DML folder (git-fixes).</li>
<li>drm/amd/display: Remove optimization for VRR updates (git-fixes).</li>
<li>drm/amd/display: Remove stutter only configurations (git-fixes).</li>
<li>drm/amd/display: Update Z8 SR exit/enter latencies (git-fixes).</li>
<li>drm/amd/display: Update Z8 watermarks for DCN314 (git-fixes).</li>
<li>drm/amd/display: Update minimum stutter residency for DCN314 Z8 (git-fixes).</li>
<li>drm/amd/display: filter out invalid bits in pipe_fuses (git-fixes).</li>
<li>drm/amd/display: fix PSR-SU/DSC interoperability support (git-fixes).</li>
<li>drm/amd/display: fix a divided-by-zero error (git-fixes).</li>
<li>drm/amd/display: fixed dcn30+ underflow issue (git-fixes).</li>
<li>drm/amd/display: limit timing for single dimm memory (git-fixes).</li>
<li>drm/amd/display: populate subvp cmd info only for the top pipe (git-fixes).</li>
<li>drm/amd/display: set dcn315 lb bpp to 48 (git-fixes).</li>
<li>drm/amd/pm: add missing NotifyPowerSource message mapping for SMU13.0.7 (git-fixes).</li>
<li>drm/amd/pm: avoid potential UBSAN issue on legacy asics (git-fixes).</li>
<li>drm/amd/pm: conditionally disable pcie lane switching for some sienna_cichlid SKUs (git-fixes).</li>
<li>drm/amd/pm: fix possible power mode mismatch between driver and PMFW (git-fixes).</li>
<li>drm/amd/pm: resolve reboot exception for si oland (git-fixes).</li>
<li>drm/amd/pm: reverse mclk and fclk clocks levels for SMU v13.0.4 (git-fixes).</li>
<li>drm/amd/pm: reverse mclk clocks levels for SMU v13.0.5 (git-fixes).</li>
<li>drm/amd/pm: workaround for compute workload type on some skus (git-fixes).</li>
<li>drm/amd: Add a new helper for loading/validating microcode (git-fixes).</li>
<li>drm/amd: Do not allow s0ix on APUs older than Raven (git-fixes).</li>
<li>drm/amd: Load MES microcode during early_init (git-fixes).</li>
<li>drm/amd: Use <code>amdgpu_ucode_*</code> helpers for MES (git-fixes).</li>
<li>drm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well (git-fixes).</li>
<li>drm/amdgpu/gfx11: update gpu_clock_counter logic (git-fixes).</li>
<li>drm/amdgpu/gfx: set cg flags to enter/exit safe mode (git-fixes).</li>
<li>drm/amdgpu/gmc11: implement get_vbios_fb_size() (git-fixes).</li>
<li>drm/amdgpu/jpeg: Remove harvest checking for JPEG3 (git-fixes).</li>
<li>drm/amdgpu/mes11: enable reg active poll (git-fixes).</li>
<li>drm/amdgpu/vcn: Disable indirect SRAM on Vangogh broken BIOSes (git-fixes).</li>
<li>drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel (git-fixes).</li>
<li>drm/amdgpu: Do not set struct drm_driver.output_poll_changed (git-fixes).</li>
<li>drm/amdgpu: Fix desktop freezed after gpu-reset (git-fixes).</li>
<li>drm/amdgpu: Fix memcpy() in sienna_cichlid_append_powerplay_table function (git-fixes).</li>
<li>drm/amdgpu: Fix sdma v4 sw fini error (git-fixes).</li>
<li>drm/amdgpu: Fix usage of UMC fill record in RAS (git-fixes).</li>
<li>drm/amdgpu: Force signal hw_fences that are embedded in non-sched jobs (git-fixes).</li>
<li>drm/amdgpu: add mes resume when do gfx post soft reset (git-fixes).</li>
<li>drm/amdgpu: change reserved vram info print (git-fixes).</li>
<li>drm/amdgpu: declare firmware for new MES 11.0.4 (git-fixes).</li>
<li>drm/amdgpu: enable tmz by default for GC 11.0.1 (git-fixes).</li>
<li>drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini (git-fixes).</li>
<li>drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini (git-fixes).</li>
<li>drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini() (git-fixes).</li>
<li>drm/amdgpu: refine get gpu clock counter method (git-fixes).</li>
<li>drm/amdgpu: remove deprecated MES version vars (git-fixes).</li>
<li>drm/amdgpu: reserve the old gc_11_0_*_mes.bin (git-fixes).</li>
<li>drm/amdgpu: set gfx9 onwards APU atomics support to be true (git-fixes).</li>
<li>drm/amdgpu: vcn_4_0 set instance 0 init sched score to 1 (git-fixes).</li>
<li>drm/bridge: anx7625: Convert to i2c's .probe_new() (git-fixes).</li>
<li>drm/bridge: anx7625: Fix refcount bug in anx7625_parse_dt() (git-fixes).</li>
<li>drm/bridge: anx7625: Prevent endless probe loop (git-fixes).</li>
<li>drm/bridge: it6505: Move a variable assignment behind a null pointer check in receive_timing_debugfs_show() (git-fixes).</li>
<li>drm/bridge: tc358767: Switch to devm MIPI-DSI helpers (git-fixes).</li>
<li>drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation (git-fixes).</li>
<li>drm/bridge: tc358768: fix TCLK_TRAILCNT computation (git-fixes).</li>
<li>drm/bridge: tc358768: fix THS_TRAILCNT computation (git-fixes).</li>
<li>drm/bridge: tc358768: fix THS_ZEROCNT computation (git-fixes).</li>
<li>drm/bridge: ti-sn65dsi83: Fix enable error path (git-fixes).</li>
<li>drm/client: Fix memory leak in drm_client_target_cloned (git-fixes).</li>
<li>drm/display/dp_mst: Fix payload addition on a disconnected sink (git-fixes).</li>
<li>drm/display: Do not block HDR_OUTPUT_METADATA on unknown EOTF (git-fixes).</li>
<li>drm/drm_vma_manager: Add drm_vma_node_allow_once() (git-fixes).</li>
<li>drm/dsc: fix DP_DSC_MAX_BPP_DELTA_* macro values (git-fixes).</li>
<li>drm/dsc: fix drm_edp_dsc_sink_output_bpp() DPCD high byte usage (git-fixes).</li>
<li>drm/etnaviv: move idle mapping reaping into separate function (git-fixes).</li>
<li>drm/etnaviv: reap idle mapping if it does not match the softpin address (git-fixes).</li>
<li>drm/i915/dp_mst: Add the MST topology state for modesetted CRTCs (bsc#1213493).</li>
<li>drm/i915/fbdev: lock the fbdev obj before vma pin (git-fixes).</li>
<li>drm/i915/gt: Cleanup partial engine discovery failures (git-fixes).</li>
<li>drm/i915/guc: Add error-capture init warnings when needed (git-fixes).</li>
<li>drm/i915/guc: Fix missing ecodes (git-fixes).</li>
<li>drm/i915/guc: Limit scheduling properties to avoid overflow (git-fixes).</li>
<li>drm/i915/guc: Rename GuC register state capture node to be more obvious (git-fixes).</li>
<li>drm/i915/mtl: update scaler source and destination limits for MTL (git-fixes).</li>
<li>drm/i915/sdvo: Grab mode_config.mutex during LVDS init to avoid WARNs (git-fixes).</li>
<li>drm/i915/sseu: fix max_subslices array-index-out-of-bounds access (git-fixes).</li>
<li>drm/i915/tc: Fix TC port link ref init for DP MST during HW readout (git-fixes).</li>
<li>drm/i915: Allow panel fixed modes to have differing sync polarities (git-fixes).</li>
<li>drm/i915: Check pipe source size when using skl+ scalers (git-fixes).</li>
<li>drm/i915: Do panel VBT init early if the VBT declares an explicit panel type (git-fixes).</li>
<li>drm/i915: Fix TypeC mode initialization during system resume (git-fixes).</li>
<li>drm/i915: Fix a memory leak with reused mmap_offset (git-fixes).</li>
<li>drm/i915: Fix negative value passed as remaining time (git-fixes).</li>
<li>drm/i915: Fix one wrong caching mode enum usage (git-fixes).</li>
<li>drm/i915: Introduce intel_panel_init_alloc() (git-fixes).</li>
<li>drm/i915: Never return 0 if not all requests retired (git-fixes).</li>
<li>drm/i915: Populate encoder->devdata for DSI on icl+ (git-fixes).</li>
<li>drm/i915: Print return value on error (git-fixes).</li>
<li>drm/i915: Use _MMIO_PIPE() for SKL_BOTTOM_COLOR (git-fixes).</li>
<li>drm/meson: Fix return type of meson_encoder_cvbs_mode_valid() (git-fixes).</li>
<li>drm/msm/a5xx: really check for A510 in a5xx_gpu_init (git-fixes).</li>
<li>drm/msm/adreno: Simplify read64/write64 helpers (git-fixes).</li>
<li>drm/msm/adreno: fix runtime PM imbalance at unbind (git-fixes).</li>
<li>drm/msm/disp/dpu: get timing engine status from intf status register (git-fixes).</li>
<li>drm/msm/dpu: Add DSC hardware blocks to register snapshot (git-fixes).</li>
<li>drm/msm/dpu: Assign missing writeback log_mask (git-fixes).</li>
<li>drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK (git-fixes).</li>
<li>drm/msm/dpu: clean up dpu_kms_get_clk_rate() returns (git-fixes).</li>
<li>drm/msm/dpu: set DSC flush bit correctly at MDP CTL flush register (git-fixes).</li>
<li>drm/msm/hdmi: use devres helper for runtime PM management (git-fixes).</li>
<li>drm/panel: boe-tv101wum-nl6: Ensure DSI writes succeed during disable (git-fixes).</li>
<li>drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags (git-fixes).</li>
<li>drm/panel: simple: Add connector_type for innolux_at043tn24 (git-fixes).</li>
<li>drm/rockchip: dw_hdmi: cleanup drm encoder during unbind (git-fixes).</li>
<li>drm/ttm: Do not leak a resource on swapout move error (git-fixes).</li>
<li>drm/virtio: Fix memory leak in virtio_gpu_object_create() (git-fixes).</li>
<li>drm/virtio: Simplify error handling of virtio_gpu_object_create() (git-fixes).</li>
<li>drm/vmwgfx: Refactor resource manager's hashtable to use linux/hashtable implementation (git-fixes).</li>
<li>drm/vmwgfx: Refactor resource validation hashtable to use linux/hashtable implementation (git-fixes).</li>
<li>drm/vmwgfx: Refactor ttm reference object hashtable to use linux/hashtable (git-fixes).</li>
<li>drm/vmwgfx: Remove ttm object hashtable (git-fixes).</li>
<li>drm/vmwgfx: Remove vmwgfx_hashtab (git-fixes).</li>
<li>drm/vmwgfx: Write the driver id registers (git-fixes).</li>
<li>drm: Add fixed-point helper to get rounded integer values (git-fixes).</li>
<li>drm: Add missing DP DSC extended capability definitions (git-fixes).</li>
<li>drm: Optimize drm buddy top-down allocation method (git-fixes).</li>
<li>drm: buddy_allocator: Fix buddy allocator init on 32-bit systems (git-fixes).</li>
<li>drm: panel-orientation-quirks: Add quirk for DynaBook K50 (git-fixes).</li>
<li>drm: rcar-du: Add quirk for H3 ES1.x pclk workaround (git-fixes).</li>
<li>drm: rcar-du: Fix setting a reserved bit in DPLLCR (git-fixes).</li>
<li>drm: use mgr->dev in drm_dbg_kms in drm_dp_add_payload_part2 (git-fixes).</li>
<li>fuse: ioctl: translate ENOSYS in outarg (bsc#1213524).</li>
<li>fuse: revalidate: do not invalidate if interrupted (bsc#1213523).</li>
<li>i2c: tegra: Set ACPI node as primary fwnode (bsc#1213226).</li>
<li>irqchip/gic-v3: Claim iomem resources (bsc#1213533)</li>
<li>irqchip/gicv3: Handle resource request failure consistently (bsc#1213533)</li>
<li>irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 (bsc#1213533)</li>
<li>kABI: do not check external trampolines for signature (kabi bsc#1207894 bsc#1211243).</li>
<li>kabi/severities: Add VAS symbols changed due to recent fix VAS accelerators are directly tied to the architecture, there is no reason to have out-of-tree production drivers</li>
<li>kabi/severities: ignore kABI of i915 module It's exported only for its sub-module, not really used by externals</li>
<li>kabi/severities: ignore kABI of vmwgfx The driver exports a function unnecessarily without used by anyone else. Ignore the kABI changes.</li>
<li>memcg: drop kmem.limit_in_bytes (bsc#1208788, bsc#1212905).</li>
<li>net: mana: Add support for vlan tagging (bsc#1212301).</li>
<li>net: phy: prevent stale pointer dereference in phy_init() (git-fixes).</li>
<li>net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() (git-fixes).</li>
<li>net: qrtr: start MHI channel after endpoit creation (git-fixes).</li>
<li>nilfs2: reject devices with insufficient block count (git-fixes).</li>
<li>ocfs2: Switch to security_inode_init_security() (git-fixes).</li>
<li>ocfs2: check new file size on fallocate call (git-fixes).</li>
<li>ocfs2: fix use-after-free when unmounting read-only filesystem (git-fixes).</li>
<li>perf/x86/amd/core: Always clear status for idx (bsc#1213233).</li>
<li>pie: fix kernel-doc notation warning (git-fixes).</li>
<li>powerpc/64: Only WARN if __pa()/__va() called with bad addresses (bsc#1194869).</li>
<li>powerpc/64s: Fix VAS mm use after free (bsc#1194869).</li>
<li>powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo (bsc#1194869).</li>
<li>powerpc/bpf: Fix use of user_pt_regs in uapi (bsc#1194869).</li>
<li>powerpc/ftrace: Remove ftrace init tramp once kernel init is complete (bsc#1194869).</li>
<li>powerpc/interrupt: Do not read MSR from interrupt_exit_kernel_prepare() (bsc#1194869).</li>
<li>powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary (bsc#1150305 ltc#176097 git-fixes).</li>
<li>powerpc/mm: Switch obsolete dssall to .long (bsc#1194869).</li>
<li>powerpc/powernv/sriov: perform null check on iov before dereferencing iov (bsc#1194869).</li>
<li>powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr (bsc#1194869).</li>
<li>powerpc/prom_init: Fix kernel config grep (bsc#1194869).</li>
<li>powerpc/pseries/vas: Hold mmap_mutex after mmap lock during window close (jsc#PED-542 git-fixes).</li>
<li>powerpc/secvar: fix refcount leak in format_show() (bsc#1194869).</li>
<li>powerpc/xics: fix refcount leak in icp_opal_init() (bsc#1194869).</li>
<li>powerpc: clean vdso32 and vdso64 directories (bsc#1194869).</li>
<li>powerpc: define get_cycles macro for arch-override (bsc#1194869).</li>
<li>powerpc: update ppc_save_regs to save current r1 in pt_regs (bsc#1194869).</li>
<li>rpm/check-for-config-changes: ignore also RISCV_ISA_<em> and DYNAMIC_SIGFRAME They depend on CONFIG_TOOLCHAIN_HAS_</em>.</li>
<li>rsi: remove kernel-doc comment marker (git-fixes).</li>
<li>s390/ap: fix status returned by ap_aqic() (git-fixes bsc#1213259).</li>
<li>s390/ap: fix status returned by ap_qact() (git-fixes bsc#1213258).</li>
<li>s390/debug: add <em>ASM_S390</em> prefix to header guard (git-fixes bsc#1213263).</li>
<li>s390/pci: clean up left over special treatment for function zero (bsc#1212525).</li>
<li>s390/pci: only add specific device in zpci_bus_scan_device() (bsc#1212525).</li>
<li>s390/pci: remove redundant pci_bus_add_devices() on new bus (bsc#1212525).</li>
<li>s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes bsc#1213252).</li>
<li>s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36 (git-fixes bsc#1213264).</li>
<li>s390: discard .interp section (git-fixes bsc#1213247).</li>
<li>security: keys: Modify mismatched function name (git-fixes).</li>
<li>selftests/ir: fix build with ancient kernel headers (git-fixes).</li>
<li>selftests: cgroup: fix unsigned comparison with less than zero (git-fixes).</li>
<li>selftests: forwarding: Fix packet matching in mirroring selftests (git-fixes).</li>
<li>selftests: tc: add 'ct' action kconfig dep (git-fixes).</li>
<li>selftests: tc: add ConnTrack procfs kconfig (git-fixes).</li>
<li>selftests: tc: set timeout to 15 minutes (git-fixes).</li>
<li>signal/powerpc: On swapcontext failure force SIGSEGV (bsc#1194869).</li>
<li>signal: Replace force_sigsegv(SIGSEGV) with force_fatal_sig(SIGSEGV) (bsc#1194869).</li>
<li>smb3: do not reserve too many oplock credits (bsc#1193629).</li>
<li>smb3: missing null check in SMB2_change_notify (bsc#1193629).</li>
<li>smb: client: fix broken file attrs with nodfs mounts (bsc#1193629).</li>
<li>smb: client: fix missed ses refcounting (git-fixes).</li>
<li>smb: client: fix parsing of source mount option (bsc#1193629).</li>
<li>smb: client: fix shared DFS root mounts with different prefixes (bsc#1193629).</li>
<li>smb: client: fix warning in CIFSFindFirst() (bsc#1193629).</li>
<li>smb: client: fix warning in CIFSFindNext() (bsc#1193629).</li>
<li>smb: client: fix warning in cifs_match_super() (bsc#1193629).</li>
<li>smb: client: fix warning in cifs_smb3_do_mount() (bsc#1193629).</li>
<li>smb: client: fix warning in generic_ip_connect() (bsc#1193629).</li>
<li>smb: client: improve DFS mount check (bsc#1193629).</li>
<li>smb: client: remove redundant pointer 'server' (bsc#1193629).</li>
<li>smb: delete an unnecessary statement (bsc#1193629).</li>
<li>smb: move client and server files to common directory fs/smb (bsc#1193629).</li>
<li>smb: remove obsolete comment (bsc#1193629).</li>
<li>soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe() (git-fixes).</li>
<li>soundwire: cadence: Drain the RX FIFO after an IO timeout (git-fixes).</li>
<li>soundwire: stream: Add missing clear of alloc_slave_rt (git-fixes).</li>
<li>spi: bcm63xx: fix max prepend length (git-fixes).</li>
<li>swsmu/amdgpu_smu: Fix the wrong if-condition (git-fixes).</li>
<li>tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (git-fixes).</li>
<li>wifi: airo: avoid uninitialized warning in airo_get_rate() (git-fixes).</li>
<li>wifi: ath10k: Trigger STA disconnect after reconfig complete on hardware restart (git-fixes).</li>
<li>wifi: ath11k: Add missing check for ioremap (git-fixes).</li>
<li>wifi: rtw89: debug: fix error code in rtw89_debug_priv_send_h2c_set() (git-fixes).</li>
<li>x86/amd_nb: Add PCI ID for family 19h model 78h (git-fixes).</li>
<li>x86/platform/uv: Add platform resolving #defines for misc GAM_MMIOH_REDIRECT* (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: Fix printed information in calc_mmioh_map (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: Helper functions for allocating and freeing conversion tables (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: Introduce helper function uv_pnode_to_socket (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: Remove remaining BUG_ON() and BUG() calls (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: UV support for sub-NUMA clustering (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: Update UV platform code for SNC (bsc#1212256 jsc#PED-4718).</li>
<li>x86/platform/uv: When searching for minimums, start at INT_MAX not 99999 (bsc#1212256 jsc#PED-4718).</li>
<li>x86: Fix .brk attribute in linker script (git-fixes).</li>
<li>xfs: clean up the rtbitmap fsmap backend (git-fixes).</li>
<li>xfs: do not deplete the reserve pool when trying to shrink the fs (git-fixes).</li>
<li>xfs: do not reverse order of items in bulk AIL insertion (git-fixes).</li>
<li>xfs: fix getfsmap reporting past the last rt extent (git-fixes).</li>
<li>xfs: fix integer overflows in the fsmap rtbitmap and logdev backends (git-fixes).</li>
<li>xfs: fix interval filtering in multi-step fsmap queries (git-fixes).</li>
<li>xfs: fix logdev fsmap query result filtering (git-fixes).</li>
<li>xfs: fix off-by-one error when the last rt extent is in use (git-fixes).</li>
<li>xfs: fix uninitialized variable access (git-fixes).</li>
<li>xfs: make fsmap backend function key parameters const (git-fixes).</li>
<li>xfs: make the record pointer passed to query_range functions const (git-fixes).</li>
<li>xfs: pass explicit mount pointer to rtalloc query functions (git-fixes).</li>
</ul>
<h2>Special Instructions and Notes:</h2>
<ul>
<li>Please reboot the system after installing this update.</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE Important update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.5
<br/>
<code>zypper in -t patch SUSE-2023-3172=1 openSUSE-SLE-15.5-2023-3172=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3172=1</code>
</li>
<li class="list-group-item">
Development Tools Module 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3172=1</code>
</li>
<li class="list-group-item">
Legacy Module 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2023-3172=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Live Patching 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2023-3172=1</code>
<br/>
Please note that this is the initial kernel livepatch without fixes itself,
this package is later updated by separate standalone kernel livepatch
updates.
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Availability Extension 15 SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2023-3172=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Workstation Extension 15 SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2023-3172=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.5 (noarch nosrc)
<ul>
<li>kernel-docs-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (noarch)
<ul>
<li>kernel-source-5.14.21-150500.55.12.1</li>
<li>kernel-macros-5.14.21-150500.55.12.1</li>
<li>kernel-source-vanilla-5.14.21-150500.55.12.1</li>
<li>kernel-devel-5.14.21-150500.55.12.1</li>
<li>kernel-docs-html-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (nosrc ppc64le x86_64)
<ul>
<li>kernel-debug-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (ppc64le x86_64)
<ul>
<li>kernel-debug-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-debug-livepatch-devel-5.14.21-150500.55.12.1</li>
<li>kernel-debug-debugsource-5.14.21-150500.55.12.1</li>
<li>kernel-debug-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-debug-devel-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (x86_64)
<ul>
<li>kernel-debug-vdso-5.14.21-150500.55.12.1</li>
<li>kernel-default-vdso-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-vdso-5.14.21-150500.55.12.1</li>
<li>kernel-debug-vdso-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-kvmsmall-vdso-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
<ul>
<li>kernel-kvmsmall-debugsource-5.14.21-150500.55.12.1</li>
<li>kernel-kvmsmall-devel-5.14.21-150500.55.12.1</li>
<li>kernel-default-base-5.14.21-150500.55.12.1.150500.6.4.2</li>
<li>kernel-default-base-rebuild-5.14.21-150500.55.12.1.150500.6.4.2</li>
<li>kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.12.1</li>
<li>kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-kvmsmall-debuginfo-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>dlm-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-obs-build-debugsource-5.14.21-150500.55.12.1</li>
<li>dlm-kmp-default-5.14.21-150500.55.12.1</li>
<li>kernel-default-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-obs-build-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-extra-5.14.21-150500.55.12.1</li>
<li>kernel-syms-5.14.21-150500.55.12.1</li>
<li>kernel-default-optional-5.14.21-150500.55.12.1</li>
<li>kselftests-kmp-default-5.14.21-150500.55.12.1</li>
<li>kernel-default-optional-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>reiserfs-kmp-default-5.14.21-150500.55.12.1</li>
<li>kselftests-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-extra-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-livepatch-devel-5.14.21-150500.55.12.1</li>
<li>kernel-default-livepatch-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>reiserfs-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-default-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-default-5.14.21-150500.55.12.1</li>
<li>kernel-obs-qa-5.14.21-150500.55.12.1</li>
<li>kernel-default-devel-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
<ul>
<li>kernel-kvmsmall-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (ppc64le s390x x86_64)
<ul>
<li>kernel-livepatch-5_14_21-150500_55_12-default-1-150500.11.3.2</li>
<li>kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-1-150500.11.3.2</li>
<li>kernel-livepatch-SLE15-SP5_Update_2-debugsource-1-150500.11.3.2</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (nosrc s390x)
<ul>
<li>kernel-zfcpdump-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (s390x)
<ul>
<li>kernel-zfcpdump-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-zfcpdump-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (nosrc)
<ul>
<li>dtb-aarch64-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64)
<ul>
<li>reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-sprd-5.14.21-150500.55.12.1</li>
<li>dtb-exynos-5.14.21-150500.55.12.1</li>
<li>dtb-allwinner-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-extra-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-devel-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-livepatch-devel-5.14.21-150500.55.12.1</li>
<li>dtb-altera-5.14.21-150500.55.12.1</li>
<li>dtb-arm-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-extra-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-optional-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-amlogic-5.14.21-150500.55.12.1</li>
<li>dtb-apple-5.14.21-150500.55.12.1</li>
<li>kselftests-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>dtb-socionext-5.14.21-150500.55.12.1</li>
<li>dtb-xilinx-5.14.21-150500.55.12.1</li>
<li>dtb-apm-5.14.21-150500.55.12.1</li>
<li>dlm-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-lg-5.14.21-150500.55.12.1</li>
<li>dtb-renesas-5.14.21-150500.55.12.1</li>
<li>dtb-qcom-5.14.21-150500.55.12.1</li>
<li>dtb-nvidia-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-optional-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>dtb-broadcom-5.14.21-150500.55.12.1</li>
<li>dtb-cavium-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-debugsource-5.14.21-150500.55.12.1</li>
<li>dtb-marvell-5.14.21-150500.55.12.1</li>
<li>dtb-rockchip-5.14.21-150500.55.12.1</li>
<li>kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-amd-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-hisilicon-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>dtb-freescale-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>reiserfs-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>dlm-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>dtb-amazon-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-64kb-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>dtb-mediatek-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.5 (aarch64 nosrc)
<ul>
<li>kernel-64kb-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64 nosrc)
<ul>
<li>kernel-64kb-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64)
<ul>
<li>kernel-64kb-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-devel-5.14.21-150500.55.12.1</li>
<li>kernel-64kb-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64 ppc64le x86_64)
<ul>
<li>kernel-default-base-5.14.21-150500.55.12.1.150500.6.4.2</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>kernel-default-devel-5.14.21-150500.55.12.1</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-devel-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (noarch)
<ul>
<li>kernel-macros-5.14.21-150500.55.12.1</li>
<li>kernel-devel-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (nosrc s390x)
<ul>
<li>kernel-zfcpdump-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (s390x)
<ul>
<li>kernel-zfcpdump-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-zfcpdump-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP5 (noarch nosrc)
<ul>
<li>kernel-docs-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>kernel-obs-build-5.14.21-150500.55.12.1</li>
<li>kernel-obs-build-debugsource-5.14.21-150500.55.12.1</li>
<li>kernel-syms-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP5 (noarch)
<ul>
<li>kernel-source-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Legacy Module 15-SP5 (nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>reiserfs-kmp-default-5.14.21-150500.55.12.1</li>
<li>reiserfs-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
<ul>
<li>kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-1-150500.11.3.2</li>
<li>kernel-default-livepatch-devel-5.14.21-150500.55.12.1</li>
<li>kernel-default-livepatch-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
<li>kernel-livepatch-5_14_21-150500_55_12-default-1-150500.11.3.2</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>dlm-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>dlm-kmp-default-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>gfs2-kmp-default-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
<li>ocfs2-kmp-default-5.14.21-150500.55.12.1</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>cluster-md-kmp-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc)
<ul>
<li>kernel-default-5.14.21-150500.55.12.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
<ul>
<li>kernel-default-extra-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-debuginfo-5.14.21-150500.55.12.1</li>
<li>kernel-default-extra-5.14.21-150500.55.12.1</li>
<li>kernel-default-debugsource-5.14.21-150500.55.12.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-20593.html">https://www.suse.com/security/cve/CVE-2023-20593.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-2985.html">https://www.suse.com/security/cve/CVE-2023-2985.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3117.html">https://www.suse.com/security/cve/CVE-2023-3117.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-31248.html">https://www.suse.com/security/cve/CVE-2023-31248.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3390.html">https://www.suse.com/security/cve/CVE-2023-3390.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-35001.html">https://www.suse.com/security/cve/CVE-2023-35001.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3812.html">https://www.suse.com/security/cve/CVE-2023-3812.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1150305">https://bugzilla.suse.com/show_bug.cgi?id=1150305</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1193629">https://bugzilla.suse.com/show_bug.cgi?id=1193629</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1194869">https://bugzilla.suse.com/show_bug.cgi?id=1194869</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207894">https://bugzilla.suse.com/show_bug.cgi?id=1207894</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208788">https://bugzilla.suse.com/show_bug.cgi?id=1208788</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211243">https://bugzilla.suse.com/show_bug.cgi?id=1211243</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211867">https://bugzilla.suse.com/show_bug.cgi?id=1211867</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212256">https://bugzilla.suse.com/show_bug.cgi?id=1212256</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212301">https://bugzilla.suse.com/show_bug.cgi?id=1212301</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212525">https://bugzilla.suse.com/show_bug.cgi?id=1212525</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212846">https://bugzilla.suse.com/show_bug.cgi?id=1212846</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212905">https://bugzilla.suse.com/show_bug.cgi?id=1212905</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213059">https://bugzilla.suse.com/show_bug.cgi?id=1213059</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213061">https://bugzilla.suse.com/show_bug.cgi?id=1213061</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213205">https://bugzilla.suse.com/show_bug.cgi?id=1213205</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213206">https://bugzilla.suse.com/show_bug.cgi?id=1213206</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213226">https://bugzilla.suse.com/show_bug.cgi?id=1213226</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213233">https://bugzilla.suse.com/show_bug.cgi?id=1213233</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213245">https://bugzilla.suse.com/show_bug.cgi?id=1213245</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213247">https://bugzilla.suse.com/show_bug.cgi?id=1213247</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213252">https://bugzilla.suse.com/show_bug.cgi?id=1213252</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213258">https://bugzilla.suse.com/show_bug.cgi?id=1213258</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213259">https://bugzilla.suse.com/show_bug.cgi?id=1213259</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213263">https://bugzilla.suse.com/show_bug.cgi?id=1213263</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213264">https://bugzilla.suse.com/show_bug.cgi?id=1213264</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213286">https://bugzilla.suse.com/show_bug.cgi?id=1213286</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213493">https://bugzilla.suse.com/show_bug.cgi?id=1213493</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213523">https://bugzilla.suse.com/show_bug.cgi?id=1213523</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213524">https://bugzilla.suse.com/show_bug.cgi?id=1213524</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213533">https://bugzilla.suse.com/show_bug.cgi?id=1213533</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213543">https://bugzilla.suse.com/show_bug.cgi?id=1213543</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213705">https://bugzilla.suse.com/show_bug.cgi?id=1213705</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-4718">https://jira.suse.com/browse/PED-4718</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-4758">https://jira.suse.com/browse/PED-4758</a>
</li>
</ul>
</div>