The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition . * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation . * CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system . * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress . * CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove . * CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove . * CVE-2023-1989: Fixed a use after free in btsdio_remove . * CVE-2023-1990: Fixed a use after free in ndlc_remove . * CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation . * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference . The following non-security bugs were fixed: * ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel * USB: dwc3: fix runtime pm imbalance on probe errors . * USB: dwc3: fix runtime pm imbalance on unbind . * arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region * ath10k: Fix error handling in case of CE pipe init failure . * ath10k: Fix missing frame timestamp for beacon/probe-resp . * ath10k: Fix the parsing error in service available event . * ath10k: add missing error return code in ath10k_pci_probe . * ath10k: fix control-message timeout . * ath10k: fix division by zero in send path . * ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern . * audit: improve audit queue handling when "audit=1" on cmdline . * bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B . * bs-upload-kernel: Do not skip post-build-checks * cachefiles: Drop superfluous readpages aops NULL check . * cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active . * cachefiles: Fix race between read_waiter and read_copier involving op- greater than to_do . * cachefiles: Handle readpage error correctly . * cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach . * cifs: fix negotiate context parsing . * cifs: fix open leaks in open_cached_dir . * cred: allow get_cred and put_cred to be given NULL . * crypto: x86/ghash - fix unaligned access in ghash_setkey . * drivers: net: lmc: fix case value for target abort error . * fscache, cachefiles: remove redundant variable "cache" . * ftrace: Mark get_lock_parent_ip __always_inline . * intel_pmc_ipc: restore ability to call functions with irq enabled . * ipmi: fix SSIF not responding under certain cond . * iwlwifi: Fix -EIO error code that is never returned . * iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table loop . * iwlwifi: pcie: fix locking when "HW not ready" . * iwlwifi: pcie: gen2: fix locking when "HW not ready" . * iwlwifi: pcie: reschedule in long-running memory reads . * kabi/severities: ignore KABI for NVMe, except nvme-fc . * kcm: Only allow TCP sockets to be attached to a KCM mux . * keys: Change keyring_serialise_link_sem to a mutex . * keys: Fix linking a duplicate key to a keyring"s assoc_array . * keys: Hoist locking out of __key_link_begin . * kretprobe: Prevent triggering kretprobe from within kprobe_flush_task . * l2tp: clean up stale tunnel or session in pppol2tp_connect"s error path . * l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect . * l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels . * net/ncsi: Do not return error on normal response . * net: axienet: Fix double deregister of mdio . * net: core: dst: Add kernel-doc for "net" parameter . * net: core: dst_cache_set_ip6: Rename "addr" parameter to "saddr" for consistency . * net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b . * net: prevent ISA drivers from building on PPC32 . * net: usb: qmi_wwan: add Telit 0x1080 composition . * netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup . * netfilter: x_tables: Add note about how to free percpu counters . * ntp: Limit TAI-UTC offset * nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING . * nvme-pci: fix doorbell buffer value endianness . * nvme: retain split access workaround for capability reads . * platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function . * platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates . * powercap: fix possible name leak in powercap_register_zone . * powerpc/numa: Consider the max NUMA node for migratable LPAR . * powerpc/numa: Detect support for coregroup . * powerpc/numa: Limit possible nodes to within num_possible_nodes . * powerpc/numa: Restrict possible nodes based on platform . * powerpc/papr_scm: Update the NUMA distance table for the target node . * powerpc/pseries: Consolidate different NUMA distance update code paths . * powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY . * powerpc/pseries: rename min_common_depth to primary_domain_index . * printk: Give error on attempt to set log buffer length to over 2G . * ring-buffer: Fix race while reader and writer are on the same page . * s390/percpu: add READ_ONCE to arch_this_cpu_to_op_simple . * scsi: qla2xxx: Fix memory leak in qla2x00_probe_one . * scsi: qla2xxx: Perform lockless command completion in abort path . * sctp: do not free asoc when it is already dead in sctp_sendmsg . * sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf . * sctp: use the right sk after waking up from wait_buf sleep . * struct ci_hdrc: hide new member at end . * struct wmi_svc_avail_ev_arg: new member to end . * timekeeping: Prevent 32bit truncation in * tuntap: fix dividing by zero in ebpf queue selection . * uprobes/x86: Fix detection of 32-bit user mode . * usb/ohci-platform: Fix a warning when hibernating . * usb: chipidea: core: fix possible concurrent when switch role . * usb: chipidea: fix missing goto in `ci_hdrc_probe` . * usb: dwc3: core: fix kernel panic when do reboot . * usb: dwc3: gadget: Do not set IMI for no_interrupt . * usb: host: ohci-pxa27x: Fix and vs | typo . * usb: storage: Add check for kcalloc . * usb: typec: Check for ops- greater than exit instead of ops- greater than enter in altmode_exit . * watchdog: pcwd_usb: Fix attempting to access uninitialized memory . * wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list . * workqueue: Fix missing kfree in destroy_workqueue . * workqueue: Fix spurious sanity check failures in destroy_workqueue . * wq: handle VM suspension in stall detection . * x86, boot: Remove multiple copy of static function sanitize_boot_params . * x86/apic: Fix arch_dynirq_lower_bound bug for DT enabled machines . * x86/apic: Handle missing global clockevent gracefully . * x86/apic: Soft disable APIC before initializing it . * x86/boot/compressed: Disable relocation relaxation . * x86/boot: Avoid using Intel mnemonics in ATT syntax asm . * x86/bugs: Add Cannon lake to RETBleed affected CPU list . * x86/bugs: Enable STIBP for IBPB mitigated RETBleed . * x86/decoder: Add TEST opcode to Group3-2 . * x86/fpu: Prevent FPU state corruption . * x86/ioapic: Prevent inconsistent state when moving an interrupt . * x86/irq: Ensure PI wakeup handler is unregistered before module unload . * x86/kprobes: Fix to check non boostable prefixes correctly . * x86/kprobes: Restore BTF if the single-stepping is cancelled . * x86/lib/cpu: Address missing prototypes warning . * x86/mce/inject: Avoid out-of-bounds write when setting flags . * x86/mce: Lower throttling MCE messages" priority to warning . * x86/mm: Stop printing BRK addresses . * x86/mm: Use the correct function type for native_set_fixmap . * x86/pkeys: Add check for pkey "overflow" . * x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails . * x86/speculation/mds: Mark mds_user_clear_cpu_buffers __always_inline . * x86/sysfb: Fix check for bad VRAM size . * x86/tools/relocs: Fix non-POSIX regexp . * x86/tools: Fix objdump version check again . * x86/virt: Eat faults on VMXOFF in reboot flows . * x86/virt: Mark flags and memory as clobbered by VMXOFF . * x86: Do not let pgprot_modify change the page encryption bit . * x86_64: Fix jiffies ODR violation . * xfrm: policy: use hlist rcu variants on insert . * xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu . * xhci: hide include of iommu.h . ## Special Instructions and Notes: * Please reboot the system after installing this update.