<div class="container">
<h1>Security update for the Linux Kernel</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2023:3313-1</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206418">#1206418</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207129">#1207129</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210627">#1210627</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210780">#1210780</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211131">#1211131</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211738">#1211738</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212502">#1212502</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212604">#1212604</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212901">#1212901</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213167">#1213167</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213272">#1213272</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213287">#1213287</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213304">#1213304</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213585">#1213585</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213586">#1213586</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213588">#1213588</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213620">#1213620</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213653">#1213653</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213713">#1213713</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213715">#1213715</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213747">#1213747</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213756">#1213756</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213759">#1213759</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213777">#1213777</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213810">#1213810</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213812">#1213812</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213842">#1213842</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213856">#1213856</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213857">#1213857</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213863">#1213863</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213867">#1213867</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213870">#1213870</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213871">#1213871</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2022-40982.html">CVE-2022-40982</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-0459.html">CVE-2023-0459</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-20569.html">CVE-2023-20569</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-21400.html">CVE-2023-21400</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-2156.html">CVE-2023-2156</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-2166.html">CVE-2023-2166</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-31083.html">CVE-2023-31083</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3268.html">CVE-2023-3268</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3567.html">CVE-2023-3567</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3609.html">CVE-2023-3609</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3611.html">CVE-2023-3611</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-3776.html">CVE-2023-3776</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-4004.html">CVE-2023-4004</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-40982</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.2</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-40982</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">6.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-0459</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-0459</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">6.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-20569</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.6</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-21400</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-21400</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2156</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2156</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2166</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-2166</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-31083</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-31083</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">4.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3268</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.1</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3268</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.1</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3567</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3567</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3609</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.0</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3609</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3611</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3611</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3776</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-3776</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-4004</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-4004</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem Module 15-SP4</li>
<li class="list-group-item">Development Tools Module 15-SP4</li>
<li class="list-group-item">Legacy Module 15-SP4</li>
<li class="list-group-item">openSUSE Leap 15.4</li>
<li class="list-group-item">openSUSE Leap Micro 5.3</li>
<li class="list-group-item">openSUSE Leap Micro 5.4</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise High Availability Extension 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Live Patching 15-SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.3</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.4</li>
<li class="list-group-item">SUSE Linux Enterprise Micro for Rancher 5.3</li>
<li class="list-group-item">SUSE Linux Enterprise Micro for Rancher 5.4</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Workstation Extension 15 SP4</li>
<li class="list-group-item">SUSE Manager Proxy 4.3</li>
<li class="list-group-item">SUSE Manager Retail Branch Server 4.3</li>
<li class="list-group-item">SUSE Manager Server 4.3</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves 13 vulnerabilities and has 20 fixes can now be installed.</p>
<h2>Description:</h2>
<p>The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.</p>
<p>The following security bugs were fixed:</p>
<ul>
<li>CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" (bsc#1206418).</li>
<li>CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).</li>
<li>CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287).</li>
<li>CVE-2023-21400: Fixed several memory corruptions due to improper locking in io_uring (bsc#1213272).</li>
<li>CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131).</li>
<li>CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter (bsc#1210627).</li>
<li>CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).</li>
<li>CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502).</li>
<li>CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).</li>
<li>CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586).</li>
<li>CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585).</li>
<li>CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).</li>
<li>CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1213812).</li>
</ul>
<p>The following non-security bugs were fixed:</p>
<ul>
<li>afs: Fix access after dec in put functions (git-fixes).</li>
<li>afs: Fix afs_getattr() to refetch file status if callback break occurred (git-fixes).</li>
<li>afs: Fix dynamic root getattr (git-fixes).</li>
<li>afs: Fix fileserver probe RTT handling (git-fixes).</li>
<li>afs: Fix infinite loop found by xfstest generic/676 (git-fixes).</li>
<li>afs: Fix lost servers_outstanding count (git-fixes).</li>
<li>afs: Fix server->active leak in afs_put_server (git-fixes).</li>
<li>afs: Fix setting of mtime when creating a file/dir/symlink (git-fixes).</li>
<li>afs: Fix updating of i_size with dv jump from server (git-fixes).</li>
<li>afs: Fix vlserver probe RTT handling (git-fixes).</li>
<li>afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked (git-fixes).</li>
<li>afs: Use refcount_t rather than atomic_t (git-fixes).</li>
<li>afs: Use the operation issue time instead of the reply time for callbacks (git-fixes).</li>
<li>afs: adjust ack interpretation to try and cope with nat (git-fixes).</li>
<li>alsa: emu10k1: roll up loops in dsp setup code for audigy (git-fixes).</li>
<li>alsa: hda/realtek: support asus g713pv laptop (git-fixes).</li>
<li>alsa: hda/relatek: enable mute led on hp 250 g8 (git-fixes).</li>
<li>alsa: usb-audio: add quirk for microsoft modern wireless headset (bsc#1207129).</li>
<li>alsa: usb-audio: update for native dsd support quirks (git-fixes).</li>
<li>asoc: atmel: fix the 8k sample parameter in i2sc master (git-fixes).</li>
<li>asoc: codecs: es8316: fix dmic config (git-fixes).</li>
<li>asoc: da7219: check for failure reading aad irq events (git-fixes).</li>
<li>asoc: da7219: flush pending aad irq when suspending (git-fixes).</li>
<li>asoc: fsl_sai: disable bit clock with transmitter (git-fixes).</li>
<li>asoc: fsl_spdif: silence output on stop (git-fixes).</li>
<li>asoc: rt5682-sdw: fix for jd event handling in clockstop mode0 (git-fixes).</li>
<li>asoc: rt711-sdca: fix for jd event handling in clockstop mode0 (git-fixes).</li>
<li>asoc: rt711: fix for jd event handling in clockstop mode0 (git-fixes).</li>
<li>asoc: wm8904: fill the cache for wm8904_adc_test_0 register (git-fixes).</li>
<li>ata: pata_ns87415: mark ns87560_tf_read static (git-fixes).</li>
<li>block, bfq: Fix division by zero error on zero wsum (bsc#1213653).</li>
<li>block: Fix a source code comment in include/uapi/linux/blkzoned.h (git-fixes).</li>
<li>can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED (git-fixes).</li>
<li>ceph: do not let check_caps skip sending responses for revoke msgs (bsc#1213856).</li>
<li>coda: Avoid partial allocation of sig_inputArgs (git-fixes).</li>
<li>dlm: fix missing lkb refcount handling (git-fixes).</li>
<li>dlm: fix plock invalid read (git-fixes).</li>
<li>documentation: devices.txt: reconcile serial/ucc_uart minor numers (git-fixes).</li>
<li>drm/amd/display: Disable MPC split by default on special asic (git-fixes).</li>
<li>drm/amd/display: Keep PHY active for DP displays on DCN31 (git-fixes).</li>
<li>drm/client: Fix memory leak in drm_client_modeset_probe (git-fixes).</li>
<li>drm/msm/adreno: Fix snapshot BINDLESS_DATA size (git-fixes).</li>
<li>drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (git-fixes).</li>
<li>drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb() (git-fixes).</li>
<li>drm/radeon: Fix integer overflow in radeon_cs_parser_init (git-fixes).</li>
<li>file: always lock position for FMODE_ATOMIC_POS (bsc#1213759).</li>
<li>fs: dlm: add midcomms init/start functions (git-fixes).</li>
<li>fs: dlm: do not set stop rx flag after node reset (git-fixes).</li>
<li>fs: dlm: filter user dlm messages for kernel locks (git-fixes).</li>
<li>fs: dlm: fix log of lowcomms vs midcomms (git-fixes).</li>
<li>fs: dlm: fix race between test_bit() and queue_work() (git-fixes).</li>
<li>fs: dlm: fix race in lowcomms (git-fixes).</li>
<li>fs: dlm: handle -EBUSY first in lock arg validation (git-fixes).</li>
<li>fs: dlm: move sending fin message into state change handling (git-fixes).</li>
<li>fs: dlm: retry accept() until -EAGAIN or error returns (git-fixes).</li>
<li>fs: dlm: return positive pid value for F_GETLK (git-fixes).</li>
<li>fs: dlm: start midcomms before scand (git-fixes).</li>
<li>fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (git-fixes).</li>
<li>fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (git-fixes).</li>
<li>fs: jfs: check for read-only mounted filesystem in txbegin (git-fixes).</li>
<li>fs: jfs: fix null-ptr-deref read in txbegin (git-fixes).</li>
<li>gve: Set default duplex configuration to full (git-fixes).</li>
<li>gve: unify driver name usage (git-fixes).</li>
<li>hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature (git-fixes).</li>
<li>hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled (git-fixes).</li>
<li>iavf: Fix out-of-bounds when setting channels on remove (git-fixes).</li>
<li>iavf: Fix use-after-free in free_netdev (git-fixes).</li>
<li>iavf: use internal state to free traffic IRQs (git-fixes).</li>
<li>igc: Check if hardware TX timestamping is enabled earlier (git-fixes).</li>
<li>igc: Enable and fix RX hash usage by netstack (git-fixes).</li>
<li>igc: Fix Kernel Panic during ndo_tx_timeout callback (git-fixes).</li>
<li>igc: Fix inserting of empty frame for launchtime (git-fixes).</li>
<li>igc: Fix launchtime before start of cycle (git-fixes).</li>
<li>igc: Fix race condition in PTP tx code (git-fixes).</li>
<li>igc: Handle PPS start time programming for past time values (git-fixes).</li>
<li>igc: Prevent garbled TX queue with XDP ZEROCOPY (git-fixes).</li>
<li>igc: Remove delay during TX ring configuration (git-fixes).</li>
<li>igc: Work around HW bug causing missing timestamps (git-fixes).</li>
<li>igc: set TP bit in 'supported' and 'advertising' fields of ethtool_link_ksettings (git-fixes).</li>
<li>input: i8042 - add clevo pcx0dx to i8042 quirk table (git-fixes).</li>
<li>input: iqs269a - do not poll during ati (git-fixes).</li>
<li>input: iqs269a - do not poll during suspend or resume (git-fixes).</li>
<li>jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (git-fixes).</li>
<li>jffs2: fix memory leak in jffs2_do_fill_super (git-fixes).</li>
<li>jffs2: fix memory leak in jffs2_do_mount_fs (git-fixes).</li>
<li>jffs2: fix memory leak in jffs2_scan_medium (git-fixes).</li>
<li>jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (git-fixes).</li>
<li>jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (git-fixes).</li>
<li>jfs: jfs_dmap: Validate db_l2nbperpage while mounting (git-fixes).</li>
<li>kvm: arm64: do not read a hw interrupt pending state in user context (git-fixes)</li>
<li>kvm: arm64: warn if accessing timer pending state outside of vcpu (bsc#1213620)</li>
<li>kvm: do not null dereference ops->destroy (git-fixes)</li>
<li>kvm: downgrade two bug_ons to warn_on_once (git-fixes)</li>
<li>kvm: initialize debugfs_dentry when a vm is created to avoid null (git-fixes)</li>
<li>kvm: s390: pv: fix index value of replaced asce (git-fixes bsc#1213867).</li>
<li>kvm: vmx: inject #gp on encls if vcpu has paging disabled (cr0.pg==0) (git-fixes).</li>
<li>kvm: vmx: inject #gp, not #ud, if sgx2 encls leafs are unsupported (git-fixes).</li>
<li>kvm: vmx: restore vmx_vmexit alignment (git-fixes).</li>
<li>kvm: x86: account fastpath-only vm-exits in vcpu stats (git-fixes).</li>
<li>libceph: harden msgr2.1 frame segment length checks (bsc#1213857).</li>
<li>media: staging: atomisp: select V4L2_FWNODE (git-fixes).</li>
<li>net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).</li>
<li>net/sched: sch_qfq: reintroduce lmax bound check for MTU (bsc#1213585).</li>
<li>net: ena: fix shift-out-of-bounds in exponential backoff (git-fixes).</li>
<li>net: mana: Batch ringing RX queue doorbell on receiving packets (bsc#1212901).</li>
<li>net: mana: Use the correct WQE count for ringing RQ doorbell (bsc#1212901).</li>
<li>net: phy: marvell10g: fix 88x3310 power up (git-fixes).</li>
<li>nfsd: add encoding of op_recall flag for write delegation (git-fixes).</li>
<li>nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes).</li>
<li>nfsd: fix sparse warning (git-fixes).</li>
<li>nfsd: remove open coding of string copy (git-fixes).</li>
<li>nfsv4.1: always send a reclaim_complete after establishing lease (git-fixes).</li>
<li>nfsv4.1: freeze the session table upon receiving nfs4err_badsession (git-fixes).</li>
<li>nvme-pci: fix DMA direction of unmapping integrity data (git-fixes).</li>
<li>nvme-pci: remove nvme_queue from nvme_iod (git-fixes).</li>
<li>octeontx-af: fix hardware timestamp configuration (git-fixes).</li>
<li>octeontx2-af: Move validation of ptp pointer before its usage (git-fixes).</li>
<li>octeontx2-pf: Add additional check for MCAM rules (git-fixes).</li>
<li>phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() (git-fixes).</li>
<li>pinctrl: amd: Do not show <code>Invalid config param</code> errors (git-fixes).</li>
<li>pinctrl: amd: Use amd_pinconf_set() for all config options (git-fixes).</li>
<li>platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 (git-fixes).</li>
<li>rdma/bnxt_re: fix hang during driver unload (git-fixes)</li>
<li>rdma/bnxt_re: prevent handling any completions after qp destroy (git-fixes)</li>
<li>rdma/core: update cma destination address on rdma_resolve_addr (git-fixes)</li>
<li>rdma/irdma: add missing read barriers (git-fixes)</li>
<li>rdma/irdma: fix data race on cqp completion stats (git-fixes)</li>
<li>rdma/irdma: fix data race on cqp request done (git-fixes)</li>
<li>rdma/irdma: fix op_type reporting in cqes (git-fixes)</li>
<li>rdma/irdma: report correct wc error (git-fixes)</li>
<li>rdma/mlx4: make check for invalid flags stricter (git-fixes)</li>
<li>rdma/mthca: fix crash when polling cq for shared qps (git-fixes)</li>
<li>regmap: Account for register length in SMBus I/O limits (git-fixes).</li>
<li>regmap: Drop initial version of maximum transfer length fixes (git-fixes).</li>
<li>revert "debugfs, coccinelle: check for obsolete define_simple_attribute() usage" (git-fixes).</li>
<li>revert "nfsv4: retry lock on old_stateid during delegation return" (git-fixes).</li>
<li>revert "usb: dwc3: core: enable autoretry feature in the controller" (git-fixes).</li>
<li>revert "usb: gadget: tegra-xudc: fix error check in tegra_xudc_powerdomain_init()" (git-fixes).</li>
<li>revert "usb: xhci: tegra: fix error check" (git-fixes).</li>
<li>revert "xhci: add quirk for host controllers that do not update endpoint dcs" (git-fixes).</li>
<li>rxrpc, afs: Fix selection of abort codes (git-fixes).</li>
<li>s390/bpf: Add expoline to tail calls (git-fixes bsc#1213870).</li>
<li>s390/dasd: fix hanging device after quiesce/resume (git-fixes bsc#1213810).</li>
<li>s390/decompressor: specify __decompress() buf len to avoid overflow (git-fixes bsc#1213863).</li>
<li>s390/ipl: add missing intersection check to ipl_report handling (git-fixes bsc#1213871).</li>
<li>s390/qeth: Fix vipa deletion (git-fixes bsc#1213713).</li>
<li>s390/vmem: fix empty page tables cleanup under KASAN (git-fixes bsc#1213715).</li>
<li>s390: introduce nospec_uses_trampoline() (git-fixes bsc#1213870).</li>
<li>scftorture: Count reschedule IPIs (git-fixes).</li>
<li>scsi: lpfc: Abort outstanding ELS cmds when mailbox timeout error is detected (bsc#1213756).</li>
<li>scsi: lpfc: Avoid -Wstringop-overflow warning (bsc#1213756).</li>
<li>scsi: lpfc: Clean up SLI-4 sysfs resource reporting (bsc#1213756).</li>
<li>scsi: lpfc: Copyright updates for 14.2.0.14 patches (bsc#1213756).</li>
<li>scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() (bsc#1213756).</li>
<li>scsi: lpfc: Fix incorrect big endian type assignment in bsg loopback path (bsc#1213756).</li>
<li>scsi: lpfc: Fix incorrect big endian type assignments in FDMI and VMID paths (bsc#1213756).</li>
<li>scsi: lpfc: Fix lpfc_name struct packing (bsc#1213756).</li>
<li>scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited LOGO (bsc#1213756).</li>
<li>scsi: lpfc: Pull out fw diagnostic dump log message from driver's trace buffer (bsc#1213756).</li>
<li>scsi: lpfc: Qualify ndlp discovery state when processing RSCN (bsc#1213756).</li>
<li>scsi: lpfc: Refactor cpu affinity assignment paths (bsc#1213756).</li>
<li>scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology (bsc#1213756).</li>
<li>scsi: lpfc: Replace all non-returning strlcpy() with strscpy() (bsc#1213756).</li>
<li>scsi: lpfc: Replace one-element array with flexible-array member (bsc#1213756).</li>
<li>scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and lpfc_drop_node (bsc#1213756).</li>
<li>scsi: lpfc: Set Establish Image Pair service parameter only for Target Functions (bsc#1213756).</li>
<li>scsi: lpfc: Simplify fcp_abort transport callback log message (bsc#1213756).</li>
<li>scsi: lpfc: Update lpfc version to 14.2.0.14 (bsc#1213756).</li>
<li>scsi: lpfc: Use struct_size() helper (bsc#1213756).</li>
<li>scsi: qla2xxx: Adjust IOCB resource on qpair create (bsc#1213747).</li>
<li>scsi: qla2xxx: Array index may go out of bound (bsc#1213747).</li>
<li>scsi: qla2xxx: Avoid fcport pointer dereference (bsc#1213747).</li>
<li>scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() (bsc#1213747).</li>
<li>scsi: qla2xxx: Correct the index of array (bsc#1213747).</li>
<li>scsi: qla2xxx: Drop useless LIST_HEAD (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix NULL pointer dereference in target mode (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix TMF leak through (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix buffer overrun (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix command flush during TMF (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix deletion race condition (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix end of loop test (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix erroneous link up failure (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix error code in qla2x00_start_sp() (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix potential NULL pointer dereference (bsc#1213747).</li>
<li>scsi: qla2xxx: Fix session hang in gnl (bsc#1213747).</li>
<li>scsi: qla2xxx: Limit TMF to 8 per function (bsc#1213747).</li>
<li>scsi: qla2xxx: Pointer may be dereferenced (bsc#1213747).</li>
<li>scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue (bsc#1213747).</li>
<li>scsi: qla2xxx: Replace one-element array with DECLARE_FLEX_ARRAY() helper (bsc#1213747).</li>
<li>scsi: qla2xxx: Silence a static checker warning (bsc#1213747).</li>
<li>scsi: qla2xxx: Turn off noisy message log (bsc#1213747).</li>
<li>scsi: qla2xxx: Update version to 10.02.08.400-k (bsc#1213747).</li>
<li>scsi: qla2xxx: Update version to 10.02.08.500-k (bsc#1213747).</li>
<li>scsi: qla2xxx: Use vmalloc_array() and vcalloc() (bsc#1213747).</li>
<li>scsi: qla2xxx: fix inconsistent TMF timeout (bsc#1213747).</li>
<li>serial: qcom-geni: drop bogus runtime pm state update (git-fixes).</li>
<li>serial: sifive: Fix sifive_serial_console_setup() section (git-fixes).</li>
<li>soundwire: qcom: update status correctly with mask (git-fixes).</li>
<li>staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (git-fixes).</li>
<li>staging: r8712: Fix memory leak in _r8712_init_xmit_priv() (git-fixes).</li>
<li>sunrpc: always free ctxt when freeing deferred request (git-fixes).</li>
<li>sunrpc: double free xprt_ctxt while still in use (git-fixes).</li>
<li>sunrpc: fix trace_svc_register() call site (git-fixes).</li>
<li>sunrpc: fix uaf in svc_tcp_listen_data_ready() (git-fixes).</li>
<li>sunrpc: remove dead code in svc_tcp_release_rqst() (git-fixes).</li>
<li>sunrpc: remove the maximum number of retries in call_bind_status (git-fixes).</li>
<li>svcrdma: Prevent page release when nothing was received (git-fixes).</li>
<li>tpm_tis: Explicitly check for error code (git-fixes).</li>
<li>tty: n_gsm: fix UAF in gsm_cleanup_mux (git-fixes).</li>
<li>ubifs: Add missing iput if do_tmpfile() failed in rename whiteout (git-fixes).</li>
<li>ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (git-fixes).</li>
<li>ubifs: Fix 'ui->dirty' race between do_tmpfile() and writeback work (git-fixes).</li>
<li>ubifs: Fix AA deadlock when setting xattr for encrypted file (git-fixes).</li>
<li>ubifs: Fix build errors as symbol undefined (git-fixes).</li>
<li>ubifs: Fix deadlock in concurrent rename whiteout and inode writeback (git-fixes).</li>
<li>ubifs: Fix memory leak in alloc_wbufs() (git-fixes).</li>
<li>ubifs: Fix memory leak in do_rename (git-fixes).</li>
<li>ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() (git-fixes).</li>
<li>ubifs: Fix to add refcount once page is set private (git-fixes).</li>
<li>ubifs: Fix wrong dirty space budget for dirty inode (git-fixes).</li>
<li>ubifs: Free memory for tmpfile name (git-fixes).</li>
<li>ubifs: Rectify space amount budget for mkdir/tmpfile operations (git-fixes).</li>
<li>ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted (git-fixes).</li>
<li>ubifs: Rectify space budget for ubifs_xrename() (git-fixes).</li>
<li>ubifs: Rename whiteout atomically (git-fixes).</li>
<li>ubifs: Reserve one leb for each journal head while doing budget (git-fixes).</li>
<li>ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (git-fixes).</li>
<li>ubifs: rename_whiteout: Fix double free for whiteout_ui->data (git-fixes).</li>
<li>ubifs: rename_whiteout: correct old_dir size computing (git-fixes).</li>
<li>ubifs: setflags: Make dirtied_ino_d 8 bytes aligned (git-fixes).</li>
<li>ubifs: ubifs_writepage: Mark page dirty after writing inode failed (git-fixes).</li>
<li>usb: dwc3: do not reset device side if dwc3 was configured as host-only (git-fixes).</li>
<li>usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy (git-fixes).</li>
<li>usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes).</li>
<li>usb: xhci-mtk: set the dma max_seg_size (git-fixes).</li>
<li>vhost: support PACKED when setting-getting vring_base (git-fixes).</li>
<li>vhost_net: revert upend_idx only on retriable error (git-fixes).</li>
<li>virtio-net: Maintain reverse cleanup order (git-fixes).</li>
<li>virtio_net: Fix error unwinding of XDP initialization (git-fixes).</li>
<li>x86/PVH: obtain VGA console info in Dom0 (git-fixes).</li>
<li>xen/blkfront: Only check REQ_FUA for writes (git-fixes).</li>
<li>xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (git-fixes).</li>
</ul>
<h2>Special Instructions and Notes:</h2>
<ul>
<li>Please reboot the system after installing this update.</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE Important update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Enterprise Micro for Rancher 5.4
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.4-2023-3313=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Micro 5.4
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.4-2023-3313=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3313=1</code>
</li>
<li class="list-group-item">
Development Tools Module 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3313=1</code>
</li>
<li class="list-group-item">
Legacy Module 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-3313=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Live Patching 15-SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-3313=1</code>
<br/>
Please note that this is the initial kernel livepatch without fixes itself,
this package is later updated by separate standalone kernel livepatch
updates.
</li>
<li class="list-group-item">
SUSE Linux Enterprise High Availability Extension 15 SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-3313=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Workstation Extension 15 SP4
<br/>
<code>zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3313=1</code>
</li>
<li class="list-group-item">
openSUSE Leap 15.4
<br/>
<code>zypper in -t patch SUSE-2023-3313=1 openSUSE-SLE-15.4-2023-3313=1</code>
</li>
<li class="list-group-item">
openSUSE Leap Micro 5.3
<br/>
<code>zypper in -t patch openSUSE-Leap-Micro-5.3-2023-3313=1</code>
</li>
<li class="list-group-item">
openSUSE Leap Micro 5.4
<br/>
<code>zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3313=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Micro for Rancher 5.3
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.3-2023-3313=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Micro 5.3
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.3-2023-3313=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64 nosrc)
<ul>
<li>kernel-64kb-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64)
<ul>
<li>kernel-64kb-devel-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-devel-debuginfo-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64 ppc64le x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>kernel-default-devel-5.14.21-150400.24.81.1</li>
<li>kernel-default-devel-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (noarch)
<ul>
<li>kernel-devel-5.14.21-150400.24.81.1</li>
<li>kernel-macros-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (nosrc s390x)
<ul>
<li>kernel-zfcpdump-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP4 (s390x)
<ul>
<li>kernel-zfcpdump-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-zfcpdump-debuginfo-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP4 (noarch nosrc)
<ul>
<li>kernel-docs-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>kernel-obs-build-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-syms-5.14.21-150400.24.81.1</li>
<li>kernel-obs-build-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Development Tools Module 15-SP4 (noarch)
<ul>
<li>kernel-source-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Legacy Module 15-SP4 (nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>reiserfs-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>reiserfs-kmp-default-5.14.21-150400.24.81.1</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-livepatch-SLE15-SP4_Update_16-debugsource-1-150400.9.3.3</li>
<li>kernel-livepatch-5_14_21-150400_24_81-default-1-150400.9.3.3</li>
<li>kernel-default-livepatch-5.14.21-150400.24.81.1</li>
<li>kernel-default-livepatch-devel-5.14.21-150400.24.81.1</li>
<li>kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-1-150400.9.3.3</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>ocfs2-kmp-default-5.14.21-150400.24.81.1</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>cluster-md-kmp-default-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-default-5.14.21-150400.24.81.1</li>
<li>cluster-md-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>ocfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-default-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)
<ul>
<li>kernel-default-extra-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-extra-5.14.21-150400.24.81.1</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (ppc64le s390x x86_64)
<ul>
<li>kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-1-150400.9.3.3</li>
<li>kernel-livepatch-5_14_21-150400_24_81-default-1-150400.9.3.3</li>
<li>kernel-livepatch-SLE15-SP4_Update_16-debugsource-1-150400.9.3.3</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (noarch nosrc)
<ul>
<li>kernel-docs-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (noarch)
<ul>
<li>kernel-source-vanilla-5.14.21-150400.24.81.1</li>
<li>kernel-source-5.14.21-150400.24.81.1</li>
<li>kernel-devel-5.14.21-150400.24.81.1</li>
<li>kernel-docs-html-5.14.21-150400.24.81.1</li>
<li>kernel-macros-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (nosrc ppc64le x86_64)
<ul>
<li>kernel-debug-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (ppc64le x86_64)
<ul>
<li>kernel-debug-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-debug-livepatch-devel-5.14.21-150400.24.81.1</li>
<li>kernel-debug-devel-5.14.21-150400.24.81.1</li>
<li>kernel-debug-devel-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-debug-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
<ul>
<li>kernel-default-base-rebuild-5.14.21-150400.24.81.1.150400.24.35.3</li>
<li>kernel-kvmsmall-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
<li>kernel-kvmsmall-devel-5.14.21-150400.24.81.1</li>
<li>kernel-kvmsmall-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
<ul>
<li>cluster-md-kmp-default-5.14.21-150400.24.81.1</li>
<li>kernel-default-optional-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-obs-build-5.14.21-150400.24.81.1</li>
<li>kernel-default-livepatch-5.14.21-150400.24.81.1</li>
<li>kernel-default-extra-5.14.21-150400.24.81.1</li>
<li>kernel-default-optional-5.14.21-150400.24.81.1</li>
<li>kernel-obs-qa-5.14.21-150400.24.81.1</li>
<li>kernel-default-devel-5.14.21-150400.24.81.1</li>
<li>kernel-obs-build-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-default-extra-debuginfo-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-default-5.14.21-150400.24.81.1</li>
<li>cluster-md-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>reiserfs-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kselftests-kmp-default-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-default-5.14.21-150400.24.81.1</li>
<li>kernel-syms-5.14.21-150400.24.81.1</li>
<li>ocfs2-kmp-default-5.14.21-150400.24.81.1</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kselftests-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-devel-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-default-livepatch-devel-5.14.21-150400.24.81.1</li>
<li>ocfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>reiserfs-kmp-default-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-default-debuginfo-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
<ul>
<li>kernel-kvmsmall-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (nosrc s390x)
<ul>
<li>kernel-zfcpdump-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (s390x)
<ul>
<li>kernel-zfcpdump-debugsource-5.14.21-150400.24.81.1</li>
<li>kernel-zfcpdump-debuginfo-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (nosrc)
<ul>
<li>dtb-aarch64-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64)
<ul>
<li>dtb-marvell-5.14.21-150400.24.81.1</li>
<li>dtb-apple-5.14.21-150400.24.81.1</li>
<li>dtb-renesas-5.14.21-150400.24.81.1</li>
<li>dtb-qcom-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-extra-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-devel-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-debugsource-5.14.21-150400.24.81.1</li>
<li>dtb-altera-5.14.21-150400.24.81.1</li>
<li>dtb-freescale-5.14.21-150400.24.81.1</li>
<li>dtb-cavium-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-optional-5.14.21-150400.24.81.1</li>
<li>ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-livepatch-devel-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-optional-debuginfo-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>dtb-amd-5.14.21-150400.24.81.1</li>
<li>dtb-amlogic-5.14.21-150400.24.81.1</li>
<li>dtb-exynos-5.14.21-150400.24.81.1</li>
<li>dtb-broadcom-5.14.21-150400.24.81.1</li>
<li>ocfs2-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>cluster-md-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>dtb-allwinner-5.14.21-150400.24.81.1</li>
<li>gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>dtb-rockchip-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>dtb-amazon-5.14.21-150400.24.81.1</li>
<li>kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>kselftests-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-extra-5.14.21-150400.24.81.1</li>
<li>dtb-nvidia-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>dtb-lg-5.14.21-150400.24.81.1</li>
<li>dtb-arm-5.14.21-150400.24.81.1</li>
<li>dtb-sprd-5.14.21-150400.24.81.1</li>
<li>kernel-64kb-devel-debuginfo-5.14.21-150400.24.81.1</li>
<li>reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>dtb-apm-5.14.21-150400.24.81.1</li>
<li>cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.81.1</li>
<li>dtb-xilinx-5.14.21-150400.24.81.1</li>
<li>dlm-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>reiserfs-kmp-64kb-5.14.21-150400.24.81.1</li>
<li>dtb-mediatek-5.14.21-150400.24.81.1</li>
<li>dtb-socionext-5.14.21-150400.24.81.1</li>
<li>dtb-hisilicon-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.4 (aarch64 nosrc)
<ul>
<li>kernel-64kb-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap Micro 5.3 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
openSUSE Leap Micro 5.4 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
<ul>
<li>kernel-default-5.14.21-150400.24.81.1</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
<ul>
<li>kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
<ul>
<li>kernel-default-debuginfo-5.14.21-150400.24.81.1</li>
<li>kernel-default-debugsource-5.14.21-150400.24.81.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2022-40982.html">https://www.suse.com/security/cve/CVE-2022-40982.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-0459.html">https://www.suse.com/security/cve/CVE-2023-0459.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-20569.html">https://www.suse.com/security/cve/CVE-2023-20569.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-21400.html">https://www.suse.com/security/cve/CVE-2023-21400.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-2156.html">https://www.suse.com/security/cve/CVE-2023-2156.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-2166.html">https://www.suse.com/security/cve/CVE-2023-2166.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-31083.html">https://www.suse.com/security/cve/CVE-2023-31083.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3268.html">https://www.suse.com/security/cve/CVE-2023-3268.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3567.html">https://www.suse.com/security/cve/CVE-2023-3567.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3609.html">https://www.suse.com/security/cve/CVE-2023-3609.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3611.html">https://www.suse.com/security/cve/CVE-2023-3611.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-3776.html">https://www.suse.com/security/cve/CVE-2023-3776.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-4004.html">https://www.suse.com/security/cve/CVE-2023-4004.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206418">https://bugzilla.suse.com/show_bug.cgi?id=1206418</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207129">https://bugzilla.suse.com/show_bug.cgi?id=1207129</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210627">https://bugzilla.suse.com/show_bug.cgi?id=1210627</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210780">https://bugzilla.suse.com/show_bug.cgi?id=1210780</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211131">https://bugzilla.suse.com/show_bug.cgi?id=1211131</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211738">https://bugzilla.suse.com/show_bug.cgi?id=1211738</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212502">https://bugzilla.suse.com/show_bug.cgi?id=1212502</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212604">https://bugzilla.suse.com/show_bug.cgi?id=1212604</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212901">https://bugzilla.suse.com/show_bug.cgi?id=1212901</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213167">https://bugzilla.suse.com/show_bug.cgi?id=1213167</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213272">https://bugzilla.suse.com/show_bug.cgi?id=1213272</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213287">https://bugzilla.suse.com/show_bug.cgi?id=1213287</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213304">https://bugzilla.suse.com/show_bug.cgi?id=1213304</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213585">https://bugzilla.suse.com/show_bug.cgi?id=1213585</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213586">https://bugzilla.suse.com/show_bug.cgi?id=1213586</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213588">https://bugzilla.suse.com/show_bug.cgi?id=1213588</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213620">https://bugzilla.suse.com/show_bug.cgi?id=1213620</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213653">https://bugzilla.suse.com/show_bug.cgi?id=1213653</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213713">https://bugzilla.suse.com/show_bug.cgi?id=1213713</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213715">https://bugzilla.suse.com/show_bug.cgi?id=1213715</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213747">https://bugzilla.suse.com/show_bug.cgi?id=1213747</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213756">https://bugzilla.suse.com/show_bug.cgi?id=1213756</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213759">https://bugzilla.suse.com/show_bug.cgi?id=1213759</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213777">https://bugzilla.suse.com/show_bug.cgi?id=1213777</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213810">https://bugzilla.suse.com/show_bug.cgi?id=1213810</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213812">https://bugzilla.suse.com/show_bug.cgi?id=1213812</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213842">https://bugzilla.suse.com/show_bug.cgi?id=1213842</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213856">https://bugzilla.suse.com/show_bug.cgi?id=1213856</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213857">https://bugzilla.suse.com/show_bug.cgi?id=1213857</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213863">https://bugzilla.suse.com/show_bug.cgi?id=1213863</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213867">https://bugzilla.suse.com/show_bug.cgi?id=1213867</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213870">https://bugzilla.suse.com/show_bug.cgi?id=1213870</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213871">https://bugzilla.suse.com/show_bug.cgi?id=1213871</a>
</li>
</ul>
</div>