The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c . - CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl function in drivers/block/floppy.c . - CVE-2019-3837: Fixed memory leak due to thread-unsafe implementation of the net_dma code in tcp_recvmsg . - CVE-2019-3900: Fixed infinite loop while receiving packets in vhost_net . - CVE-2020-15393: Fixed memory leak in usbtest_disconnect in drivers/usb/misc/usbtest.c . - CVE-2020-16119: Fixed use-after-free exploitable by a local attacker due to reuse of a DCCP socket . - CVE-2020-36557: Fixed race condition in the VT_DISALLOCATE ioctl and closing/opening of ttys which could lead to a use-after-free . - CVE-2020-36558: Fixed race condition in VT_RESIZEX . - CVE-2021-26341: Fixed vulnerablity where some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage . - CVE-2021-33655: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds . - CVE-2021-33656: Fixed memory out of bounds write when setting font with malicous data by ioctl cmd PIO_FONT . - CVE-2021-34981: Fixed file refcounter in bluetooth cmtp when cmtp_attach_device fails . - CVE-2021-39713: Fixed race condition in the network scheduling subsystem which could lead to a use-after-free . - CVE-2021-45868: Fixed use-after-free in fs/quota/quota_tree.c . - CVE-2022-1011: Fixed UAF reads of write buffers, allowing theft of /etc/shadow hashes . - CVE-2022-1048: Fixed potential AB/BA lock with buffer_mutex and mmap_lock . - CVE-2022-1353: Fixed denial of service in the pfkey_register function in net/key/af_key.c . - CVE-2022-1462: Fixed out-of-bounds read in the TeleTYpe subsystem allowing local user to crash the system or read unauthorized random data from memory . - CVE-2022-1652: Fixed use after free in floppy . - CVE-2022-1679: Fixed use-after-free in the atheros wireless adapter driver . - CVE-2022-20132: Fixed out of bounds read in lg_probe and related functions of hid-lg.c and other USB HID files . - CVE-2022-20166: Fixed out of bounds write due to a heap buffer overflow which could lead to local escalation of privilege with System execution privileges needed . - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg . - CVE-2022-20369: Fixed out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c . - CVE-2022-21166, CVE-2022-21127, CVE-2022-21123, CVE-2022-21125, CVE-2022-21180: Fixed stale MMIO data transient information leaks . - CVE-2022-21385: Fixed warn in rds_message_alloc_sgs . - CVE-2022-21499: Fixed issue where it was trivial to break out of lockdown using kgdb . - CVE-2022-2318: Fixed use-after-free caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges . - CVE-2022-2663: Fixed possible firewall bypass when users are using unencrypted IRC due to message handling confusion in nf_conntrack_irc . - CVE-2022-28356: Fixed refcount leak bug in net/llc/af_llc.c . - CVE-2022-29900: Fixed mis-trained branch predictions for return instructions that may have allowed arbitrary speculative code execution under certain microarchitecture-dependent conditions . - CVE-2022-29901: Fixed vulnerability where an attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions . - CVE-2022-3028: Fixed a race condition in the Linux kernel"s IP framework for transforming packets when multiple calls to xfrm_probe_algs occurred simultaneously . - CVE-2022-3303: Fixed race condition in the sound subsystem due to improper locking . - CVE-2022-33981: Fixed denial of service in drivers/block/floppy.c . - CVE-2022-3424: Fixed use-after-free in gru_set_context_option leading to kernel panic . - CVE-2022-3524: Fixed memory leak in ipv6_renew_options of the component IPv6 Handler . - CVE-2022-3565: Fixed use-after-free in del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth . - CVE-2022-3566: Fixed race condition in the TCP Handler . - CVE-2022-3586: Fixed use-after-free in the sch_sfb enqueue function . - CVE-2022-3621: Fixed null pointer dereference in fs/nilfs2/inode.c of the component nilfs2 . - CVE-2022-3635: Fixed use-after-free in IPsec . - CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF . - CVE-2022-3649: Fixed use-after-free in nilfs_new_inode of the file fs/nilfs2/inode.c . - CVE-2022-36879: Fixed double refcount drop in xfrm_expand_policies in net/xfrm/xfrm_policy.c . - CVE-2022-36946: Fixed denial of service in nfqnl_mangle in net/netfilter/nfnetlink_queue.c . - CVE-2022-3903: Fixed incorrect read request flaw in the Infrared Transceiver USB driver . - CVE-2022-39188: Fixed TLB flush for PFNMAP mappings before unlink_file_vma . - CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c . - CVE-2022-4095: Fixed use-after-free in rtl8712 . - CVE-2022-41218: Fixed use-after-free in drivers/media/dvb-core/dmxdev.c . - CVE-2022-41848: Fixed use-after-free in drivers/char/pcmcia/synclink_cs.c . - CVE-2022-41850: Fixed use-after-free in roccat_report_event in drivers/hid/hid-roccat.c . - CVE-2022-41858: Fixed NULL pointer dereference in drivers/net/slip/slip.c . - CVE-2022-43750: Fixed memory corruption in drivers/usb/mon/mon_bin.c . - CVE-2022-44032: Fixed race condition in drivers/char/pcmcia/cm4000_cs.c . - CVE-2022-44033: Fixed use-after-free in drivers/char/pcmcia/cm4040_cs.c . - CVE-2022-45934: Fixed integer wraparound in net/bluetooth/l2cap_core.c . The following non-security bugs were fixed: - Fail if no bound addresses can be used for a given scope . - Fixed missing check on handle in net_sched cls_route . - Trim skb to alloc size to avoid MSG_TRUNC . - Fixed confusing boot logging with Skylake on RETBLEED kernel . - Fixed retbleed performance issues . Special Instructions and Notes: Please reboot the system after installing this update.