The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability . - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability . - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter via a malicious UDF image. - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd . - CVE-2021-44879: In gc_data_segment in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference . - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c . - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c . - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c . - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly . - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor . The following non-security bugs were fixed: - Bluetooth: bfusb: fix division by zero in send path . - Bluetooth: fix the erroneous flush_work order . - EDAC/xgene: Fix deferred probing . - IB/rdmavt: Validate remote_addr during loopback atomic tests . - NFSv4.x: by default serialize open/close operations . Make this work-around optional - NFSv42: Do not fail clone unless the OP_CLONE operation failed . - NFSv42: Fix pagecache invalidation after COPY/CLONE . - NFSv4: Handle case where the lookup of a directory fails . - NFSv4: nfs_atomic_open can race when looking up a non-regular file . - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller . - RDMA/bnxt_re: Fix query SRQ failure . - RDMA/mlx5: Set user priority for DCT . - RDMA/netlink: Add __maybe_unused to static inline in C file . - Replace with an alternative fix for bsc#1185377 - crypto: af_alg - get_page upon reassignment to TX SGL . - cxgb4: fix eeprom len when diagnostics not implemented . - e1000e: Fix packet loss on Tiger Lake and later . - ext4: avoid trim error on fs with small groups . - fuse: annotate lock in fuse_reverse_inval_entry . - gve: Add RX context . - gve: Add a jumbo-frame device option . - gve: Add consumed counts to ethtool stats . - gve: Add netif_set_xps_queue call . - gve: Add optional metadata descriptor type GVE_TXD_MTD . - gve: Add rx buffer pagecnt bias . - gve: Allow pageflips on larger pages . - gve: Avoid freeing NULL pointer . - gve: Correct available tx qpl check . - gve: Correct order of processing device options . - gve: DQO: avoid unused variable warnings . - gve: Do lazy cleanup in TX path . - gve: Fix GFP flags when allocing pages . - gve: Implement packet continuation for RX . - gve: Implement suspend/resume/shutdown . - gve: Move the irq db indexes out of the ntfy block struct . - gve: Properly handle errors in gve_assign_qpl . - gve: Recording rx queue before sending to napi . - gve: Switch to use napi_complete_done . - gve: Track RX buffer allocation failures . - gve: Update gve_free_queue_page_list signature . - gve: Use kvcalloc instead of kvzalloc . - gve: fix for null pointer dereference . - gve: fix gve_get_stats . - gve: fix the wrong AdminQ buffer queue index check . - gve: fix unmatched u64_stats_update_end . - gve: remove memory barrier around seqno . - gve: report 64bit tx_bytes counter from gve_handle_report_stats . - i40e: Fix changing previously set num_queue_pairs for PFs . - i40e: Fix correct max_pkt_size on VF RX queue . - i40e: Fix creation of first queue by omitting it if is not power of two . - i40e: Fix display error code in dmesg . - i40e: Fix for displaying message regarding NVM version . - i40e: Fix freeing of uninitialized misc IRQ vector . - i40e: Fix ping is lost after configuring ADq on VF . - i40e: Fix pre-set max number of queues for VF . - i40e: Increase delay to 1 s after global EMP reset . - iavf: Fix limit of total number of queues to active queues of VF . - iavf: prevent accidental free of filter structure . - ibmvnic: Allow queueing resets during probe . - ibmvnic: Update driver return codes . - ibmvnic: clear fop when retrying probe . - ibmvnic: complete init_done on transport events . - ibmvnic: define flush_reset_queue helper . - ibmvnic: free reset-work-item when flushing . - ibmvnic: init init_done_rc earlier . - ibmvnic: initialize rc before completing wait . - ibmvnic: register netdev after init of adapter . - ibmvnic: schedule failover only if vioctl fails . - ice: Delete always true check of PF pointer . - ice: ignore dropped packets during init . - igb: Fix removal of unicast MAC filters of VFs . - ixgbevf: Require large buffers for build_skb on 82599VF . - kabi: Hide changes to s390/AP structures . - lib/iov_iter: initialize flags in new pipe_buffer . - mqprio: Correct stats in mqprio_dump_class_stats . - net/ibmvnic: Cleanup workaround doing an EOI after partition migration . - net: Prevent infinite while loop in skb_tx_hash . - net: ena: Fix error handling when calculating max IO queues number . - net: ena: Fix undefined state when tx request id is out of bounds . - net: marvell: mvpp2: Fix the computation of shared CPUs . - net: phylink: avoid mvneta warning when setting pause parameters . - net: usb: pegasus: Do not drop long Ethernet frames . - nfsd: fix use-after-free due to delegation race . - phylib: fix potential use-after-free . - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32 call . - powerpc/64s: Fix debugfs_simple_attr.cocci warnings . - powerpc/pseries/ddw: Revert Extend upper limit for huge DMA window for persistent memory . - powerpc/pseries: read the lpar name from the firmware . - powerpc: add link stack flush mitigation status in debugfs . - qed: Handle management FW error . - qed: rdma - do not wait for resources under hw error recovery flow . - rndis_host: support Hytera digital radios . - s390/AP: support new dynamic AP bus size limit . - s390/ap: rework crypto config info and default domain code . - s390/cpumf: Support for CPU Measurement Facility CSVN 7 . - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit . - s390/hypfs: include z/VM guests with access control group set . - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put . - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop . - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write . - scsi: nsp_cs: Check of ioremap return value . - scsi: qedf: Fix potential dereference of NULL pointer . - scsi: qla2xxx: Add devids and conditionals for 28xx . - scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues . - scsi: qla2xxx: Add qla2x00_async_done for async routines . - scsi: qla2xxx: Add retry for exec firmware . - scsi: qla2xxx: Check for firmware dump already collected . - scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters . - scsi: qla2xxx: Fix device reconnect in loop topology . - scsi: qla2xxx: Fix premature hw access after PCI error . - scsi: qla2xxx: Fix scheduling while atomic . - scsi: qla2xxx: Fix stuck session in gpdb . - scsi: qla2xxx: Fix unmap of already freed sgl . - scsi: qla2xxx: Fix warning for missing error code . - scsi: qla2xxx: Fix warning message due to adisc being flushed . - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter . - scsi: qla2xxx: Implement ref count for SRB . - scsi: qla2xxx: Refactor asynchronous command initialization . - scsi: qla2xxx: Remove a declaration . - scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t . - scsi: qla2xxx: Return -ENOMEM if kzalloc fails . - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair . - scsi: qla2xxx: Update version to 10.02.07.200-k . - scsi: qla2xxx: Update version to 10.02.07.300-k . - scsi: qla2xxx: edif: Fix clang warning . - scsi: qla2xxx: edif: Fix inconsistent check of db_flags . - scsi: qla2xxx: edif: Reduce connection thrash . - scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe . - scsi: qla2xxx: edif: Tweak trace message . - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select . - scsi: ufs: Fix race conditions related to driver data . - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices . - sunrpc/auth_gss: support timeout on gss upcalls . - tracing: Dump stacktrace trigger to the corresponding instance . - tracing: Have traceon and traceoff trigger honor the instance . - usb: common: ulpi: Fix crash in ulpi_match . - usb: typec: tcpm: Do not disconnect while receiving VBUS off . - xfrm: fix MTU regression . Special Instructions and Notes: Please reboot the system after installing this update.