# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:3377-1  
Rating: important  
References:

  * #1206418
  * #1207129
  * #1210627
  * #1210780
  * #1211131
  * #1211738
  * #1212502
  * #1212604
  * #1212901
  * #1213167
  * #1213272
  * #1213287
  * #1213304
  * #1213588
  * #1213620
  * #1213653
  * #1213713
  * #1213715
  * #1213747
  * #1213756
  * #1213759
  * #1213777
  * #1213810
  * #1213812
  * #1213856
  * #1213857
  * #1213863
  * #1213867
  * #1213870
  * #1213871

  
Cross-References:

  * CVE-2022-40982
  * CVE-2023-0459
  * CVE-2023-20569
  * CVE-2023-21400
  * CVE-2023-2156
  * CVE-2023-2166
  * CVE-2023-31083
  * CVE-2023-3268
  * CVE-2023-3567
  * CVE-2023-3776
  * CVE-2023-4004

  
CVSS scores:

  * CVE-2022-40982 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-40982 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  * CVE-2023-0459 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0459 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-20569 ( SUSE ):  5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
  * CVE-2023-20569 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-21400 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-21400 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2156 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2156 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2166 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2166 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31083 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31083 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-3268 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2023-3268 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2023-3567 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3567 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3776 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3776 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4004 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4004 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 11 vulnerabilities and has 19 fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  * CVE-2022-40982: Fixed transient execution attack called "Gather Data
    Sampling" (bsc#1206418).
  * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec
    (bsc#1211738).
  * CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’
    (bsc#1213287).
  * CVE-2023-21400: Fixed several memory corruptions due to improper locking in
    io_uring (bsc#1213272).
  * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
    of the RPL protocol (bsc#1211131).
  * CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter
    (bsc#1210627).
  * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
  * CVE-2023-3268: Fixed an out of bounds memory access flaw in
    relay_file_read_start_pos in the relayfs (bsc#1212502).
  * CVE-2023-3567: Fixed a use-after-free in vcs_read in
    drivers/tty/vt/vc_screen.c (bsc#1213167).
  * CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-
    free (bsc#1213588).
  * CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo
    (bsc#1213812).

The following non-security bugs were fixed:

  * afs: adjust ack interpretation to try and cope with nat (git-fixes).
  * afs: fix access after dec in put functions (git-fixes).
  * afs: fix afs_getattr() to refetch file status if callback break occurred
    (git-fixes).
  * afs: fix dynamic root getattr (git-fixes).
  * afs: fix fileserver probe rtt handling (git-fixes).
  * afs: fix infinite loop found by xfstest generic/676 (git-fixes).
  * afs: fix lost servers_outstanding count (git-fixes).
  * afs: fix server->active leak in afs_put_server (git-fixes).
  * afs: fix setting of mtime when creating a file/dir/symlink (git-fixes).
  * afs: fix updating of i_size with dv jump from server (git-fixes).
  * afs: fix vlserver probe rtt handling (git-fixes).
  * afs: return -eagain, not -eremoteio, when a file already locked (git-fixes).
  * afs: use refcount_t rather than atomic_t (git-fixes).
  * afs: use the operation issue time instead of the reply time for callbacks
    (git-fixes).
  * alsa: emu10k1: roll up loops in dsp setup code for audigy (git-fixes).
  * alsa: hda/realtek: support asus g713pv laptop (git-fixes).
  * alsa: hda/relatek: enable mute led on hp 250 g8 (git-fixes).
  * alsa: usb-audio: add quirk for microsoft modern wireless headset
    (bsc#1207129).
  * alsa: usb-audio: update for native dsd support quirks (git-fixes).
  * asoc: atmel: fix the 8k sample parameter in i2sc master (git-fixes).
  * asoc: codecs: es8316: fix dmic config (git-fixes).
  * asoc: da7219: check for failure reading aad irq events (git-fixes).
  * asoc: da7219: flush pending aad irq when suspending (git-fixes).
  * asoc: fsl_sai: disable bit clock with transmitter (git-fixes).
  * asoc: fsl_spdif: silence output on stop (git-fixes).
  * asoc: rt5682-sdw: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: rt711-sdca: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: rt711: fix for jd event handling in clockstop mode0 (git-fixes).
  * asoc: wm8904: fill the cache for wm8904_adc_test_0 register (git-fixes).
  * ata: pata_ns87415: mark ns87560_tf_read static (git-fixes).
  * block, bfq: fix division by zero error on zero wsum (bsc#1213653).
  * block: fix a source code comment in include/uapi/linux/blkzoned.h (git-
    fixes).
  * can: gs_usb: gs_can_close(): add missing set of can state to
    can_state_stopped (git-fixes).
  * ceph: do not let check_caps skip sending responses for revoke msgs
    (bsc#1213856).
  * coda: avoid partial allocation of sig_inputargs (git-fixes).
  * dlm: fix missing lkb refcount handling (git-fixes).
  * dlm: fix plock invalid read (git-fixes).
  * documentation: devices.txt: reconcile serial/ucc_uart minor numers (git-
    fixes).
  * drm/amd/display: disable mpc split by default on special asic (git-fixes).
  * drm/amd/display: keep phy active for dp displays on dcn31 (git-fixes).
  * drm/client: fix memory leak in drm_client_modeset_probe (git-fixes).
  * drm/msm/adreno: fix snapshot bindless_data size (git-fixes).
  * drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (git-fixes).
  * drm/msm: fix is_err_or_null() vs null check in a5xx_submit_in_rb() (git-
    fixes).
  * drm/radeon: fix integer overflow in radeon_cs_parser_init (git-fixes).
  * drop amdgpu patches for fixing regression (bsc#1213304,bsc#1213777)
  * file: always lock position for fmode_atomic_pos (bsc#1213759).
  * fs: dlm: add midcomms init/start functions (git-fixes).
  * fs: dlm: do not set stop rx flag after node reset (git-fixes).
  * fs: dlm: filter user dlm messages for kernel locks (git-fixes).
  * fs: dlm: fix log of lowcomms vs midcomms (git-fixes).
  * fs: dlm: fix race between test_bit() and queue_work() (git-fixes).
  * fs: dlm: fix race in lowcomms (git-fixes).
  * fs: dlm: handle -ebusy first in lock arg validation (git-fixes).
  * fs: dlm: move sending fin message into state change handling (git-fixes).
  * fs: dlm: retry accept() until -eagain or error returns (git-fixes).
  * fs: dlm: return positive pid value for f_getlk (git-fixes).
  * fs: dlm: start midcomms before scand (git-fixes).
  * fs: hfsplus: remove warn_on() from hfsplus_cat_{read,write}_inode() (git-
    fixes).
  * fs: jfs: check for read-only mounted filesystem in txbegin (git-fixes).
  * fs: jfs: fix null-ptr-deref read in txbegin (git-fixes).
  * fs: jfs: fix ubsan: array-index-out-of-bounds in dballocdmaplev (git-fixes).
  * gve: set default duplex configuration to full (git-fixes).
  * gve: unify driver name usage (git-fixes).
  * hwmon: (k10temp) enable amd3255 proc to show negative temperature (git-
    fixes).
  * hwmon: (nct7802) fix for temp6 (peci1) processed even if peci1 disabled
    (git-fixes).
  * iavf: fix out-of-bounds when setting channels on remove (git-fixes).
  * iavf: fix use-after-free in free_netdev (git-fixes).
  * iavf: use internal state to free traffic irqs (git-fixes).
  * igc: check if hardware tx timestamping is enabled earlier (git-fixes).
  * igc: enable and fix rx hash usage by netstack (git-fixes).
  * igc: fix inserting of empty frame for launchtime (git-fixes).
  * igc: fix kernel panic during ndo_tx_timeout callback (git-fixes).
  * igc: fix launchtime before start of cycle (git-fixes).
  * igc: fix race condition in ptp tx code (git-fixes).
  * igc: handle pps start time programming for past time values (git-fixes).
  * igc: prevent garbled tx queue with xdp zerocopy (git-fixes).
  * igc: remove delay during tx ring configuration (git-fixes).
  * igc: set tp bit in 'supported' and 'advertising' fields of
    ethtool_link_ksettings (git-fixes).
  * igc: work around hw bug causing missing timestamps (git-fixes).
  * input: i8042 - add clevo pcx0dx to i8042 quirk table (git-fixes).
  * input: iqs269a - do not poll during ati (git-fixes).
  * input: iqs269a - do not poll during suspend or resume (git-fixes).
  * jffs2: fix memory leak in jffs2_do_fill_super (git-fixes).
  * jffs2: fix memory leak in jffs2_do_mount_fs (git-fixes).
  * jffs2: fix memory leak in jffs2_scan_medium (git-fixes).
  * jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (git-fixes).
  * jffs2: gc deadlock reading a page that is used in jffs2_write_begin() (git-
    fixes).
  * jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (git-fixes).
  * jfs: jfs_dmap: validate db_l2nbperpage while mounting (git-fixes).
  * kernel-binary.spec.in: remove superfluous %% in supplements fixes:
    02b7735e0caf ("rpm/kernel-binary.spec.in: add enhances and supplements tags
    to in-tree kmps")
  * kvm: arm64: do not read a hw interrupt pending state in user context (git-
    fixes)
  * kvm: arm64: warn if accessing timer pending state outside of vcpu
    (bsc#1213620)
  * kvm: do not null dereference ops->destroy (git-fixes)
  * kvm: downgrade two bug_ons to warn_on_once (git-fixes)
  * kvm: initialize debugfs_dentry when a vm is created to avoid null (git-
    fixes)
  * kvm: s390: pv: fix index value of replaced asce (git-fixes bsc#1213867).
  * kvm: vmx: inject #gp on encls if vcpu has paging disabled (cr0.pg==0) (git-
    fixes).
  * kvm: vmx: inject #gp, not #ud, if sgx2 encls leafs are unsupported (git-
    fixes).
  * kvm: vmx: restore vmx_vmexit alignment (git-fixes).
  * kvm: x86: account fastpath-only vm-exits in vcpu stats (git-fixes).
  * libceph: harden msgr2.1 frame segment length checks (bsc#1213857).
  * media: staging: atomisp: select v4l2_fwnode (git-fixes).
  * net: ena: fix shift-out-of-bounds in exponential backoff (git-fixes).
  * net: mana: batch ringing rx queue doorbell on receiving packets
    (bsc#1212901).
  * net: mana: use the correct wqe count for ringing rq doorbell (bsc#1212901).
  * net: phy: marvell10g: fix 88x3310 power up (git-fixes).
  * nfsd: add encoding of op_recall flag for write delegation (git-fixes).
  * nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes).
  * nfsd: fix sparse warning (git-fixes).
  * nfsd: remove open coding of string copy (git-fixes).
  * nfsv4.1: always send a reclaim_complete after establishing lease (git-
    fixes).
  * nfsv4.1: freeze the session table upon receiving nfs4err_badsession (git-
    fixes).
  * nvme-pci: fix dma direction of unmapping integrity data (git-fixes).
  * nvme-pci: remove nvme_queue from nvme_iod (git-fixes).
  * octeontx-af: fix hardware timestamp configuration (git-fixes).
  * octeontx2-af: move validation of ptp pointer before its usage (git-fixes).
  * octeontx2-pf: add additional check for mcam rules (git-fixes).
  * phy: hisilicon: fix an out of bounds check in hisi_inno_phy_probe() (git-
    fixes).
  * pinctrl: amd: do not show `invalid config param` errors (git-fixes).
  * pinctrl: amd: use amd_pinconf_set() for all config options (git-fixes).
  * platform/x86: msi-laptop: fix rfkill out-of-sync on msi wind u100 (git-
    fixes).
  * rdma/bnxt_re: fix hang during driver unload (git-fixes)
  * rdma/bnxt_re: prevent handling any completions after qp destroy (git-fixes)
  * rdma/core: update cma destination address on rdma_resolve_addr (git-fixes)
  * rdma/irdma: add missing read barriers (git-fixes)
  * rdma/irdma: fix data race on cqp completion stats (git-fixes)
  * rdma/irdma: fix data race on cqp request done (git-fixes)
  * rdma/irdma: fix op_type reporting in cqes (git-fixes)
  * rdma/irdma: report correct wc error (git-fixes)
  * rdma/mlx4: make check for invalid flags stricter (git-fixes)
  * rdma/mthca: fix crash when polling cq for shared qps (git-fixes)
  * regmap: account for register length in smbus i/o limits (git-fixes).
  * regmap: drop initial version of maximum transfer length fixes (git-fixes).
  * revert "debugfs, coccinelle: check for obsolete define_simple_attribute()
    usage" (git-fixes).
  * revert "nfsv4: retry lock on old_stateid during delegation return" (git-
    fixes).
  * revert "usb: dwc3: core: enable autoretry feature in the controller" (git-
    fixes).
  * revert "usb: gadget: tegra-xudc: fix error check in
    tegra_xudc_powerdomain_init()" (git-fixes).
  * revert "usb: xhci: tegra: fix error check" (git-fixes).
  * rpm: update dependency to match current kmod.
  * rxrpc, afs: fix selection of abort codes (git-fixes).
  * s390/bpf: add expoline to tail calls (git-fixes bsc#1213870).
  * s390/dasd: fix hanging device after quiesce/resume (git-fixes bsc#1213810).
  * s390/decompressor: specify __decompress() buf len to avoid overflow (git-
    fixes bsc#1213863).
  * s390/ipl: add missing intersection check to ipl_report handling (git-fixes
    bsc#1213871).
  * s390/qeth: fix vipa deletion (git-fixes bsc#1213713).
  * s390/vmem: fix empty page tables cleanup under kasan (git-fixes
    bsc#1213715).
  * s390: introduce nospec_uses_trampoline() (git-fixes bsc#1213870).
  * scftorture: count reschedule ipis (git-fixes).
  * scsi: lpfc: abort outstanding els cmds when mailbox timeout error is
    detected (bsc#1213756).
  * scsi: lpfc: avoid -wstringop-overflow warning (bsc#1213756).
  * scsi: lpfc: clean up sli-4 sysfs resource reporting (bsc#1213756).
  * scsi: lpfc: copyright updates for 14.2.0.14 patches (bsc#1213756).
  * scsi: lpfc: fix a possible data race in lpfc_unregister_fcf_rescan()
    (bsc#1213756).
  * scsi: lpfc: fix incorrect big endian type assignment in bsg loopback path
    (bsc#1213756).
  * scsi: lpfc: fix incorrect big endian type assignments in fdmi and vmid paths
    (bsc#1213756).
  * scsi: lpfc: fix lpfc_name struct packing (bsc#1213756).
  * scsi: lpfc: make fabric zone discovery more robust when handling unsolicited
    logo (bsc#1213756).
  * scsi: lpfc: pull out fw diagnostic dump log message from driver's trace
    buffer (bsc#1213756).
  * scsi: lpfc: qualify ndlp discovery state when processing rscn (bsc#1213756).
  * scsi: lpfc: refactor cpu affinity assignment paths (bsc#1213756).
  * scsi: lpfc: remove extra ndlp kref decrement in flogi cmpl for loop topology
    (bsc#1213756).
  * scsi: lpfc: replace all non-returning strlcpy() with strscpy()
    (bsc#1213756).
  * scsi: lpfc: replace one-element array with flexible-array member
    (bsc#1213756).
  * scsi: lpfc: revise ndlp kref handling for dev_loss_tmo_callbk and
    lpfc_drop_node (bsc#1213756).
  * scsi: lpfc: set establish image pair service parameter only for target
    functions (bsc#1213756).
  * scsi: lpfc: simplify fcp_abort transport callback log message (bsc#1213756).
  * scsi: lpfc: update lpfc version to 14.2.0.14 (bsc#1213756).
  * scsi: lpfc: use struct_size() helper (bsc#1213756).
  * scsi: qla2xxx: adjust iocb resource on qpair create (bsc#1213747).
  * scsi: qla2xxx: array index may go out of bound (bsc#1213747).
  * scsi: qla2xxx: avoid fcport pointer dereference (bsc#1213747).
  * scsi: qla2xxx: check valid rport returned by fc_bsg_to_rport()
    (bsc#1213747).
  * scsi: qla2xxx: correct the index of array (bsc#1213747).
  * scsi: qla2xxx: drop useless list_head (bsc#1213747).
  * scsi: qla2xxx: fix buffer overrun (bsc#1213747).
  * scsi: qla2xxx: fix command flush during tmf (bsc#1213747).
  * scsi: qla2xxx: fix deletion race condition (bsc#1213747).
  * scsi: qla2xxx: fix end of loop test (bsc#1213747).
  * scsi: qla2xxx: fix erroneous link up failure (bsc#1213747).
  * scsi: qla2xxx: fix error code in qla2x00_start_sp() (bsc#1213747).
  * scsi: qla2xxx: fix inconsistent tmf timeout (bsc#1213747).
  * scsi: qla2xxx: fix null pointer dereference in target mode (bsc#1213747).
  * scsi: qla2xxx: fix potential null pointer dereference (bsc#1213747).
  * scsi: qla2xxx: fix session hang in gnl (bsc#1213747).
  * scsi: qla2xxx: fix tmf leak through (bsc#1213747).
  * scsi: qla2xxx: limit tmf to 8 per function (bsc#1213747).
  * scsi: qla2xxx: pointer may be dereferenced (bsc#1213747).
  * scsi: qla2xxx: remove unused nvme_ls_waitq wait queue (bsc#1213747).
  * scsi: qla2xxx: replace one-element array with declare_flex_array() helper
    (bsc#1213747).
  * scsi: qla2xxx: silence a static checker warning (bsc#1213747).
  * scsi: qla2xxx: turn off noisy message log (bsc#1213747).
  * scsi: qla2xxx: update version to 10.02.08.400-k (bsc#1213747).
  * scsi: qla2xxx: update version to 10.02.08.500-k (bsc#1213747).
  * scsi: qla2xxx: use vmalloc_array() and vcalloc() (bsc#1213747).
  * serial: qcom-geni: drop bogus runtime pm state update (git-fixes).
  * serial: sifive: fix sifive_serial_console_setup() section (git-fixes).
  * soundwire: qcom: update status correctly with mask (git-fixes).
  * staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (git-
    fixes).
  * staging: r8712: fix memory leak in _r8712_init_xmit_priv() (git-fixes).
  * sunrpc: always free ctxt when freeing deferred request (git-fixes).
  * sunrpc: double free xprt_ctxt while still in use (git-fixes).
  * sunrpc: fix trace_svc_register() call site (git-fixes).
  * sunrpc: fix uaf in svc_tcp_listen_data_ready() (git-fixes).
  * sunrpc: remove dead code in svc_tcp_release_rqst() (git-fixes).
  * sunrpc: remove the maximum number of retries in call_bind_status (git-
    fixes).
  * svcrdma: prevent page release when nothing was received (git-fixes).
  * tpm_tis: explicitly check for error code (git-fixes).
  * tty: n_gsm: fix uaf in gsm_cleanup_mux (git-fixes).
  * ubifs: add missing iput if do_tmpfile() failed in rename whiteout (git-
    fixes).
  * ubifs: do_rename: fix wrong space budget when target inode's nlink > 1 (git-
    fixes).
  * ubifs: error path in ubifs_remount_rw() seems to wrongly free write buffers
    (git-fixes).
  * ubifs: fix 'ui->dirty' race between do_tmpfile() and writeback work (git-
    fixes).
  * ubifs: fix aa deadlock when setting xattr for encrypted file (git-fixes).
  * ubifs: fix build errors as symbol undefined (git-fixes).
  * ubifs: fix deadlock in concurrent rename whiteout and inode writeback (git-
    fixes).
  * ubifs: fix memory leak in alloc_wbufs() (git-fixes).
  * ubifs: fix memory leak in do_rename (git-fixes).
  * ubifs: fix read out-of-bounds in ubifs_wbuf_write_nolock() (git-fixes).
  * ubifs: fix to add refcount once page is set private (git-fixes).
  * ubifs: fix wrong dirty space budget for dirty inode (git-fixes).
  * ubifs: free memory for tmpfile name (git-fixes).
  * ubifs: rectify space amount budget for mkdir/tmpfile operations (git-fixes).
  * ubifs: rectify space budget for ubifs_symlink() if symlink is encrypted
    (git-fixes).
  * ubifs: rectify space budget for ubifs_xrename() (git-fixes).
  * ubifs: rename whiteout atomically (git-fixes).
  * ubifs: rename_whiteout: correct old_dir size computing (git-fixes).
  * ubifs: rename_whiteout: fix double free for whiteout_ui->data (git-fixes).
  * ubifs: reserve one leb for each journal head while doing budget (git-fixes).
  * ubifs: setflags: make dirtied_ino_d 8 bytes aligned (git-fixes).
  * ubifs: ubifs_writepage: mark page dirty after writing inode failed (git-
    fixes).
  * update patches.suse/rdma-mthca-fix-crash-when-polling-cq-for-shared-qps.
    (git-fixes bsc#1212604). added bug reference.
  * usb: dwc3: do not reset device side if dwc3 was configured as host-only
    (git-fixes).
  * usb: dwc3: pci: skip byt gpio lookup table for hardwired phy (git-fixes).
  * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
    (git-fixes).
  * usb: xhci-mtk: set the dma max_seg_size (git-fixes).
  * vhost: support packed when setting-getting vring_base (git-fixes).
  * vhost_net: revert upend_idx only on retriable error (git-fixes).
  * virtio-net: maintain reverse cleanup order (git-fixes).
  * virtio_net: fix error unwinding of xdp initialization (git-fixes).
  * x86/pvh: obtain vga console info in dom0 (git-fixes).
  * xen/blkfront: only check req_fua for writes (git-fixes).
  * xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (git-
    fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2023-3377=1 openSUSE-SLE-15.4-2023-3377=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-3377=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 x86_64)
    * gfs2-kmp-azure-5.14.21-150400.14.63.1
    * kernel-syms-azure-5.14.21-150400.14.63.1
    * kselftests-kmp-azure-5.14.21-150400.14.63.1
    * reiserfs-kmp-azure-5.14.21-150400.14.63.1
    * kernel-azure-optional-5.14.21-150400.14.63.1
    * kernel-azure-debuginfo-5.14.21-150400.14.63.1
    * reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-extra-debuginfo-5.14.21-150400.14.63.1
    * cluster-md-kmp-azure-5.14.21-150400.14.63.1
    * dlm-kmp-azure-5.14.21-150400.14.63.1
    * ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * dlm-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-livepatch-devel-5.14.21-150400.14.63.1
    * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1
    * gfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-extra-5.14.21-150400.14.63.1
    * ocfs2-kmp-azure-5.14.21-150400.14.63.1
    * kselftests-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-devel-5.14.21-150400.14.63.1
    * kernel-azure-optional-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-debugsource-5.14.21-150400.14.63.1
  * openSUSE Leap 15.4 (aarch64 nosrc x86_64)
    * kernel-azure-5.14.21-150400.14.63.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-source-azure-5.14.21-150400.14.63.1
    * kernel-devel-azure-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (aarch64 nosrc x86_64)
    * kernel-azure-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (aarch64 x86_64)
    * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-debuginfo-5.14.21-150400.14.63.1
    * kernel-azure-devel-5.14.21-150400.14.63.1
    * kernel-syms-azure-5.14.21-150400.14.63.1
    * kernel-azure-debugsource-5.14.21-150400.14.63.1
  * Public Cloud Module 15-SP4 (noarch)
    * kernel-source-azure-5.14.21-150400.14.63.1
    * kernel-devel-azure-5.14.21-150400.14.63.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-40982.html
  * https://www.suse.com/security/cve/CVE-2023-0459.html
  * https://www.suse.com/security/cve/CVE-2023-20569.html
  * https://www.suse.com/security/cve/CVE-2023-21400.html
  * https://www.suse.com/security/cve/CVE-2023-2156.html
  * https://www.suse.com/security/cve/CVE-2023-2166.html
  * https://www.suse.com/security/cve/CVE-2023-31083.html
  * https://www.suse.com/security/cve/CVE-2023-3268.html
  * https://www.suse.com/security/cve/CVE-2023-3567.html
  * https://www.suse.com/security/cve/CVE-2023-3776.html
  * https://www.suse.com/security/cve/CVE-2023-4004.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1206418
  * https://bugzilla.suse.com/show_bug.cgi?id=1207129
  * https://bugzilla.suse.com/show_bug.cgi?id=1210627
  * https://bugzilla.suse.com/show_bug.cgi?id=1210780
  * https://bugzilla.suse.com/show_bug.cgi?id=1211131
  * https://bugzilla.suse.com/show_bug.cgi?id=1211738
  * https://bugzilla.suse.com/show_bug.cgi?id=1212502
  * https://bugzilla.suse.com/show_bug.cgi?id=1212604
  * https://bugzilla.suse.com/show_bug.cgi?id=1212901
  * https://bugzilla.suse.com/show_bug.cgi?id=1213167
  * https://bugzilla.suse.com/show_bug.cgi?id=1213272
  * https://bugzilla.suse.com/show_bug.cgi?id=1213287
  * https://bugzilla.suse.com/show_bug.cgi?id=1213304
  * https://bugzilla.suse.com/show_bug.cgi?id=1213588
  * https://bugzilla.suse.com/show_bug.cgi?id=1213620
  * https://bugzilla.suse.com/show_bug.cgi?id=1213653
  * https://bugzilla.suse.com/show_bug.cgi?id=1213713
  * https://bugzilla.suse.com/show_bug.cgi?id=1213715
  * https://bugzilla.suse.com/show_bug.cgi?id=1213747
  * https://bugzilla.suse.com/show_bug.cgi?id=1213756
  * https://bugzilla.suse.com/show_bug.cgi?id=1213759
  * https://bugzilla.suse.com/show_bug.cgi?id=1213777
  * https://bugzilla.suse.com/show_bug.cgi?id=1213810
  * https://bugzilla.suse.com/show_bug.cgi?id=1213812
  * https://bugzilla.suse.com/show_bug.cgi?id=1213856
  * https://bugzilla.suse.com/show_bug.cgi?id=1213857
  * https://bugzilla.suse.com/show_bug.cgi?id=1213863
  * https://bugzilla.suse.com/show_bug.cgi?id=1213867
  * https://bugzilla.suse.com/show_bug.cgi?id=1213870
  * https://bugzilla.suse.com/show_bug.cgi?id=1213871

openSUSE: 2023:3377-1: important: the Linux Kernel Security Advisory Update

August 22, 2023
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes

Description

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" (bsc#1206418). * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738). * CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287). * CVE-2023-21400: Fixed several memory corruptions due to improper locking in io_uring (bsc#1213272). * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131). * CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter (bsc#1210627). * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780). * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502). * CVE-2023-3567: Fixed a use-after...

Read the Full Advisory

 

Patch

## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2023-3377=1 openSUSE-SLE-15.4-2023-3377=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-3377=1


Package List

* openSUSE Leap 15.4 (aarch64 x86_64) * gfs2-kmp-azure-5.14.21-150400.14.63.1 * kernel-syms-azure-5.14.21-150400.14.63.1 * kselftests-kmp-azure-5.14.21-150400.14.63.1 * reiserfs-kmp-azure-5.14.21-150400.14.63.1 * kernel-azure-optional-5.14.21-150400.14.63.1 * kernel-azure-debuginfo-5.14.21-150400.14.63.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-extra-debuginfo-5.14.21-150400.14.63.1 * cluster-md-kmp-azure-5.14.21-150400.14.63.1 * dlm-kmp-azure-5.14.21-150400.14.63.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * dlm-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-livepatch-devel-5.14.21-150400.14.63.1 * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1 * gfs2-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-extra-5.14.21-150400.14.63.1 * ocfs2-kmp-azure-5.14.21-150400.14.63.1 * kselftests-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-devel-5.14.21-150400.14.63.1 * kernel-azure-optional-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-debugsource-5.14.21-150400.14.63.1 * openSUSE Leap 15.4 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150400.14.63.1 * openSUSE Leap 15.4 (noarch) * kernel-source-azure-5.14.21-150400.14.63.1 * kernel-devel-azure-5.14.21-150400.14.63.1 * Public Cloud Module 15-SP4 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150400.14.63.1 * Public Cloud Module 15-SP4 (aarch64 x86_64) * kernel-azure-devel-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-debuginfo-5.14.21-150400.14.63.1 * kernel-azure-devel-5.14.21-150400.14.63.1 * kernel-syms-azure-5.14.21-150400.14.63.1 * kernel-azure-debugsource-5.14.21-150400.14.63.1 * Public Cloud Module 15-SP4 (noarch) * kernel-source-azure-5.14.21-150400.14.63.1 * kernel-devel-azure-5.14.21-150400.14.63.1


References

* #1206418 * #1207129 * #1210627 * #1210780 * #1211131 * #1211738 * #1212502 * #1212604 * #1212901 * #1213167 * #1213272 * #1213287 * #1213304 * #1213588 * #1213620 * #1213653 * #1213713 * #1213715 * #1213747 * #1213756 * #1213759 * #1213777 * #1213810 * #1213812 * #1213856 * #1213857 * #1213863 * #1213867 * #1213870 * #1213871 ## References: * https://www.suse.com/security/cve/CVE-2022-40982.html * https://www.suse.com/security/cve/CVE-2023-0459.html * https://www.suse.com/security/cve/CVE-2023-20569.html * https://www.suse.com/security/cve/CVE-2023-21400.html * https://www.suse.com/security/cve/CVE-2023-2156.html * https://www.suse.com/security/cve/CVE-2023-2166.html * https://www.suse.com/security/cve/CVE-2023-31083.html * https://www.suse.com/security/cve/CVE-2023-3268.html * https://www.suse.com/security/cve/CVE-2023-3567.html * https://www.suse.com/security/cve/CVE-2023-3776.html * https://www.suse.com/security/cve/CVE-2023-4004.html * https://bugzilla.suse.com/show_bug.cgi?id=1206418 * https://bugzilla.suse.com/show_bug.cgi?id=1207129 * https://bugzilla.suse.com/show_bug.cgi?id=1210627 * https://bugzilla.suse.com/show_bug.cgi?id=1210780 * https://bugzilla.suse.com/show_bug.cgi?id=1211131 * https://bugzilla.suse.com/show_bug.cgi?id=1211738 * https://bugzilla.suse.com/show_bug.cgi?id=1212502 * https://bugzilla.suse.com/show_bug.cgi?id=1212604 * https://bugzilla.suse.com/show_bug.cgi?id=1212901 * https://bugzilla.suse.com/show_bug.cgi?id=1213167 * https://bugzilla.suse.com/show_bug.cgi?id=1213272 * https://bugzilla.suse.com/show_bug.cgi?id=1213287 * https://bugzilla.suse.com/show_bug.cgi?id=1213304 * https://bugzilla.suse.com/show_bug.cgi?id=1213588 * https://bugzilla.suse.com/show_bug.cgi?id=1213620 * https://bugzilla.suse.com/show_bug.cgi?id=1213653 * https://bugzilla.suse.com/show_bug.cgi?id=1213713 * https://bugzilla.suse.com/show_bug.cgi?id=1213715 * https://bugzilla.suse.com/show_bug.cgi?id=1213747 * https://bugzilla.suse.com/show_bug.cgi?id=1213756 * https://bugzilla.suse.com/show_bug.cgi?id=1213759 * https://bugzilla.suse.com/show_bug.cgi?id=1213777 * https://bugzilla.suse.com/show_bug.cgi?id=1213810 * https://bugzilla.suse.com/show_bug.cgi?id=1213812 * https://bugzilla.suse.com/show_bug.cgi?id=1213856 * https://bugzilla.suse.com/show_bug.cgi?id=1213857 * https://bugzilla.suse.com/show_bug.cgi?id=1213863 * https://bugzilla.suse.com/show_bug.cgi?id=1213867 * https://bugzilla.suse.com/show_bug.cgi?id=1213870 * https://bugzilla.suse.com/show_bug.cgi?id=1213871


Severity
Announcement ID: SUSE-SU-2023:3377-1
Rating: important

Related News