The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition . * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation . * CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system . * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference . * CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA . * CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen . * CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c . * CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation . * CVE-2023-0590: Fixed race condition in qdisc_graft . * CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm . * CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets . * CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head . * CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim in media/rc . * CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit . * CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak . * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2023-1855: Fixed an use-after-free flaw in xgene_hwmon_remove . * CVE-2023-1989: Fixed an use-after-free flaw in btsdio_remove . * CVE-2023-1990: Fixed an use-after-free flaw in ndlc_remove . * CVE-2023-1998: Fixed an use-after-free flaw during login when accessing the shost ipaddress . * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler . * CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion . * CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c . * CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c . * CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c . * CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove . The following non-security bugs were fixed: * Do not sign the vanilla kernel . * Fix kABI breakage * PCI: hv: Add a per-bus mutex state_lock . * PCI: hv: Fix a race condition bug in hv_pci_query_relations . * PCI: hv: Fix a race condition in hv_irq_unmask that can cause panic . * PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev . * Remove obsolete KMP obsoletes . * Replace mkinitrd dependency with dracut . * cifs: fix double free in dfs mounts . * cifs: fix negotiate context parsing . * cifs: handle reconnect of tcon when there is no cached dfs referral . * cifs: missing null pointer check in cifs_mount . * cifs: serialize all mount attempts . * cred: allow get_cred and put_cred to be given NULL . * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames . * k-m-s: Drop Linux 2.6 support * kernel-module-subpackage: Fix expansion with -b parameter . ## Special Instructions and Notes: * Please reboot the system after installing this update.