The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system . - CVE-2020-28097: Fixed out-of-bounds read in vgacon subsystem that mishandled software scrollback . - CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem, that could have occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object . - CVE-2022-0322: Fixed SCTP issue with account stream padding length for reconf chunk . - CVE-2021-4135: Fixed zero-initialize memory inside netdevsim for new map"s value in function nsim_bpf_map_alloc . - CVE-2022-22942: Fixed stale file descriptors on failed usercopy . - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed . - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation . - CVE-2022-0330: Fixed flush TLBs before releasing backing store . - CVE-2021-4197: Use cgroup open-time credentials for process migraton perm checks . - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag . - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers when users call close and fget simultaneouslyand can potentially trigger a race condition . - CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after error . The following non-security bugs were fixed: - KVM: remember position in kvm-vcpus array . - KVM: s390: index kvm-arch.idle_mask by vcpu_idx . - SUNRPC: Add basic load balancing to the transport switch - kabi fix. - SUNRPC: Add basic load balancing to the transport switch. - SUNRPC: Fix initialisation of struct rpc_xprt_switch . - SUNRPC: Optimise transport balancing code . - SUNRPC: Replace division by multiplication in calculation of queue length . - SUNRPC: Skip zero-refcount transports . - USB: serial: option: add Telit FN990 compositions . - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds . - crypto: qat - fix undetected PFVF timeout in ACK loop . - ext4: set csum seed in tmp inode while migrating to extents . - fget: clarify and improve __fget_files implementation . - hv_netvsc: Set needed_headroom according to VF . - ibmvnic: Allow extra failures before disabling . - ibmvnic: do not spin in tasklet . - ibmvnic: init -running_cap_crqs early . - ibmvnic: remove unused -wait_capability . - kABI fixup after adding vcpu_idx to struct kvm_cpu . - kabi: mask new member empty of struct Qdisc . - kabi: revert drop of Qdisc::atomic_qlen . - kprobes: Limit max data_size of the kretprobe instances . - livepatch: Avoid CPU hogging with cond_resched . - memstick: rtsx_usb_ms: fix UAF . - mm/hwpoison: do not lock page again when me_huge_page successfully recovers . - moxart: fix potential use-after-free on remove path . - net, xdp: Introduce xdp_init_buff utility routine . - net, xdp: Introduce xdp_prepare_buff utility routine . - net/sched: annotate lockless accesses to qdisc-empty . - net/sched: fix race between deactivation and dequeue for NOLOCK qdisc . - net/sched: pfifo_fast: fix wrong dereference in pfifo_fast_enqueue . - net/sched: pfifo_fast: fix wrong dereference when qdisc is reset . - net: Using proper atomic helper . - net: allow retransmitting a TCP packet if original is still in queue . - net: caif: avoid using qdisc_qlen . - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero . - net: dev: introduce support for sch BYPASS for lockless qdisc . - net: mana: Add RX fencing . - net: mana: Add XDP support . - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc . - net: sched: Avoid using yield in a busy waiting loop . - net: sched: add barrier to ensure correct ordering for lockless qdisc . - net: sched: add empty status flag for NOLOCK qdisc . - net: sched: always do stats accounting according to TCQ_F_CPUSTATS . - net: sched: avoid unnecessary seqcount operation for lockless qdisc . - net: sched: fix packet stuck problem for lockless qdisc . - net: sched: fix tx action reschedule issue with stopped queue . - net: sched: fix tx action rescheduling issue during deactivation . - net: sched: prefer qdisc_is_empty over direct qlen access . - net: sched: replaced invalid qdisc tree flush helper in qdisc_replace . - net: sched: when clearing NOLOCK, clear TCQ_F_CPUSTATS, too . - net: tipc: validate domain record count on input . - net: usb: lan78xx: add Allied Telesis AT29M2-AF . - net_sched: avoid resetting active qdisc for multiple times . - net_sched: get rid of unnecessary dev_qdisc_reset . - net_sched: use qdisc_reset in qdisc_destroy . - nfs: do not dirty kernel pages read by direct-io . - nvme: add "iopolicy" module parameter . - nvme: return BLK_STS_TRANSPORT unless DNR for NVME_SC_NS_NOT_READY . - of: Add cpu node iterator for_each_of_cpu_node . - of: Add device_type access helper functions . - of: Fix cpu node iterator to not ignore disabled cpu nodes . - of: Fix property name in of_node_get_device_type . - of: add node name compare helper functions . - powerpc/perf: Fix data source encodings for L2.1 and L3.1 accesses . - powerpc/prom_init: Fix improper check of prom_getprop . - powerpc/pseries/cpuhp: cache node corrections . - powerpc/pseries/cpuhp: delete add/remove_by_count code . - powerpc/pseries/mobility: ignore ibm, platform-facilities updates . - powerpc/traps: do not enable irqs in _exception . - powerpc: add interrupt_cond_local_irq_enable helper . - s390/cio: make ccw_device_dma_* more robust . - s390/pci: add s390_iommu_aperture kernel parameter . - s390/pci: move pseudo-MMIO to prevent MIO overlap . - select: Fix indefinitely sleeping task in poll_schedule_timeout . - tpm: Check for integer overflow in tpm2_map_response_body . - tpm: add request_locality before write TPM_INT_ENABLE . - tpm: fix potential NULL pointer access in tpm_del_char_device . - tracing/kprobes: "nmissed" not showed correctly for kretprobe . - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf . - ucsi_ccg: Check DEV_INT bit only when starting CCG4 . - usb: core: config: fix validation of wMaxPacketValue entries . - usbnet: fix error return code in usbnet_probe . - usbnet: sanity check for maxpacket . - vfs: check fd has read access in kernel_read_file_from_fd . - virtio: write back F_VERSION_1 before validate . - x86/platform/uv: Add more to secondary CPU kdump info . Special Instructions and Notes: Please reboot the system after installing this update.