The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm- ioctl.c . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free . * CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected . * CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call . * CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event . * CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops . * CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb- core/dvb_frontend.c . * CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class because lmax can exceed QFQ_MIN_LMAX . * CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver . * CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept was also allowed for a successfully connected AF_NETROM socket . * CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c . * CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies . * CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem . * CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA . The following non-security bugs were fixed: * ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 . * Documentation: Document sysfs interfaces purr, spurr, idle_purr, idle_spurr . * Drivers: hv: vmbus: Optimize vmbus_on_event . * IB/hfi1: Assign npages earlier * IB/iser: bound protection_sg size by data_sg size * IB/mlx4: Fix memory leaks * IB/mlx4: Increase the timeout for CM cache * IB/mlx5: Fix initializing CQ fragments buffer * IB/rdmavt: Add __init/__exit annotations to module init/exit funcs * IB/usnic: Fix potential deadlock * KVM: nSVM: clear events pending from svm_complete_interrupts when exiting to L1 . * KVM: x86: Update the exit_qualification access bits while walking an address . * KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing . * KVM: x86: emulator: em_sysexit should update ctxt-greater than mode . * KVM: x86: emulator: introduce emulator_recalc_and_set_mode . * KVM: x86: emulator: update the emulation mode after CR0 write . * KVM: x86: fix empty-body warnings . * KVM: x86: fix incorrect comparison in trace event . * KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported . * Move upstreamed media fixes into sorted section * PCI: Add ACS quirks for Cavium multi-function devices . * PCI: Call Max Payload Size-related fixup quirks early . * PCI: Mark Atheros QCA6174 to avoid bus reset . * PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported . * PCI: Return ~0 data on pciconfig_read CAP_SYS_ADMIN failure . * PCI: aardvark: Configure PCIe resources from "ranges" DT property . * PCI: aardvark: Fix PCIe Max Payload Size setting . * PCI: aardvark: Fix checking for PIO status . * PCI: aardvark: Fix masking and unmasking legacy INTx interrupts . * PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response . * PCI: xilinx-nwl: Enable the clock through CCF . * RDMA/bnxt_re: Restrict the max_gids to 256 * RDMA/cma: Do not change route.addr.src_addr.ss_family * RDMA/cma: Fix rdma_resolve_route memory leak * RDMA/core: Do not access cm_id after its destruction * RDMA/cxgb4: Fix missing error code in create_qp * RDMA/hfi1: Prevent panic when SDMA is disabled * RDMA/hns: Bugfix for querying qkey * RDMA/i40iw: Fix potential use after free * RDMA/iw_cgxb4: Fix an error handling path in "c4iw_connect" * RDMA/mlx4: Prevent shift wrapping in set_user_sq_size * RDMA/mlx5: Block delay drop to unprivileged users * RDMA/rxe: Fix error type of mmap_offset * RDMA/srp: Move large values to a new enum for gcc13 * RDMA/srp: Propagate ib_post_send failures to the SCSI mid-layer * RDMA/usnic: fix set-but-not-unused variable "flags" warning * RDMa/mthca: Work around -Wenum-conversion warning * RDS: IB: Fix null pointer issue . * USB: core: Add routines for endpoint checks in old drivers . * USB: sisusbvga: Add endpoint checks . * Update patch reference for libata fix . * adm8211: fix error return code in adm8211_probe . * backlight: lm3630a: Fix return code of .update_status callback * blacklist.conf: workqueue: Cosmetic change. Not worth backporting * bonding: show full hw address in sysfs for slave entries . * ceph: force updating the msg pointer in non-split case . * cpuidle/powernv: avoid double irq enable coming out of idle . * cpuidle: powerpc: cpuidle set polling before enabling irqs . * cpuidle: powerpc: no memory barrier after break from idle . * cpuidle: powerpc: read mostly for common globals . * ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h . * f2fs: Fix f2fs_truncate_partial_nodes ftrace event . * fbcon: Check font dimension limits * fbdev: uvesafb: Fixes an error handling path in uvesafb_probe * fix kcm_clone . * fotg210-udc: Add missing completion handler . * ip6_tunnel: allow ip6gre dev mtu to be set below 1280 . * ip6_tunnel: fix IFLA_MTU ignored on NEWLINK . * ipoib: correcly show a VF hardware address * ipv4: ipv4_default_advmss should use route mtu . * ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT . * ipv6: icmp6: Allow icmp messages to be looped back . * ipv6: sr: fix out-of-bounds read when setting HMAC data . * kcm: Check if sk_user_data already set in kcm_attach . * kvm: mmu: Do not read PDPTEs when paging is not enabled . * l2tp: remove configurable payload offset . * l2tp: remove l2specific_len dependency in l2tp_core . * libata: add horkage for ASMedia 1092 . * mac80211: choose first enabled channel for monitor . * mac80211: drop multicast fragments . * mac80211: fix fast-rx encryption check . * mac80211: pause TX while changing interface type . * media: radio-shark: Add endpoint checks . * mlx4: Use snprintf instead of complicated strcpy * mwl8k: Fix a double Free in mwl8k_probe_hw . * net/iucv: Fix size of interrupt data . * net/mlx4_core: Fix return codes of unsupported operations . * net/tcp/illinois: replace broken algorithm reference link . * net: Extra "_get" in declaration of arch_get_platform_mac_address . * net: altera_tse: fix connect_local_phy error path . * net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case . * net: amd: add missing of_node_put . * net: arc_emac: fix arc_emac_rx error paths . * net: broadcom: fix return type of ndo_start_xmit function . * net: davinci_emac: match the mdio device against its compatible if possible . * net: dsa: b53: Add BCM5389 support . * net: dsa: bcm_sf2: Turn on PHY to allow successful registration . * net: dsa: mt7530: fix module autoloading for OF platform drivers . * net: dsa: qca8k: Add support for QCA8334 switch . * net: emac: fix fixed-link setup for the RTL8363SB switch . * net: ethernet: ti: cpsw-phy-sel: check bus_find_device ret value . * net: faraday: fix return type of ndo_start_xmit function . * net: hisilicon: remove unexpected free_netdev . * net: hns3: fix return type of ndo_start_xmit function . * net: hns: Fix wrong read accesses via Clause 45 MDIO protocol . * net: ibm: fix possible object reference leak . * net: ipv6: send NS for DAD when link operationally up . * net: mediatek: setup proper state for disabled GMAC on the default . * net: micrel: fix return type of ndo_start_xmit function . * net: mvneta: fix enable of all initialized RXQs . * net: netxen: fix a missing check and an uninitialized use . * net: propagate dev_get_valid_name return code . * net: qca_spi: Fix log level if probe fails . * net: qcom/emac: Use proper free methods during TX . * net: qla3xxx: Remove overflowing shift statement . * net: smsc: fix return type of ndo_start_xmit function . * net: stmmac: do not log oversized frames . * net: stmmac: fix dropping of multi-descriptor RX frames . * net: sun: fix return type of ndo_start_xmit function . * net: toshiba: fix return type of ndo_start_xmit function . * net: xfrm: allow clearing socket xfrm policies . * net: xilinx: fix return type of ndo_start_xmit function . * netfilter: ebtables: convert BUG_ONs to WARN_ONs . * netfilter: ipt_CLUSTERIP: put config instead of freeing it . * netfilter: ipt_CLUSTERIP: put config struct if we can"t increment ct refcount . * nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs . * nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags . * nvme-pci: unquiesce admin queue on shutdown . * nvme-pci: use the same attributes when freeing host_mem_desc_bufs . * nvme: Fix u32 overflow in the number of namespace list calculation . * nvme: free sq/cq dbbuf pointers when dbbuf set fails . * nvme: refine the Qemu Identify CNS quirk . * nvme: remove the ifdef around nvme_nvm_ioctl . * platform/x86: alienware-wmi: Adjust instance of wmi_evaluate_method calls to 0 . * platform/x86: alienware-wmi: constify attribute_group structures . * platform/x86: alienware-wmi: fix format string overflow warning . * platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer . * platform/x86: dell-laptop: fix rfkill functionality. * platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call . * platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios . * powerpc/idle: Store PURR snapshot in a per-cpu global variable . * powerpc/pseries: Account for SPURR ticks on idle CPUs . * powerpc/rtas: use memmove for potentially overlapping buffer copy . * powerpc/sysfs: Show idle_purr and idle_spurr for every CPU . * powerpc: Do not try to copy PPR for task with NULL pt_regs . * powerpc: Move idle_loop_prolog/epilog functions to header file . * powerpc: Squash lines for simple wrapper functions . * rds; Reset rs-greater than rs_bound_addr in rds_add_bound failure path . * ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus . * ring-buffer: Sync IRQ works before buffer destruction . * rxe: IB_WR_REG_MR does not capture MR"s iova field * s390/dasd: correct numa_node in dasd_alloc_queue . * s390/extmem: fix gcc 8 stringop-overflow warning . * s390/kasan: fix early pgm check handler execution . * s390/pci: fix sleeping in atomic during hotplug . * s390/scm_blk: correct numa_node in scm_blk_dev_setup . * s390/sysinfo: add missing #ifdef CONFIG_PROC_FS . * s390/uaccess: add missing earlyclobber annotations to __clear_user . * s390: ctcm: fix ctcm_new_device error return code . * scsi: qla2xxx: Declare SCSI host template const . * scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting . * scsi: qla2xxx: Fix hang in task management . * scsi: qla2xxx: Fix hang in task management . * scsi: qla2xxx: Fix mem access after free . * scsi: qla2xxx: Fix mem access after free . * scsi: qla2xxx: Fix task management cmd fail due to unavailable resource . * scsi: qla2xxx: Fix task management cmd fail due to unavailable resource . * scsi: qla2xxx: Fix task management cmd failure . * scsi: qla2xxx: Fix task management cmd failure . * scsi: qla2xxx: Multi-que support for TMF . * scsi: qla2xxx: Multi-que support for TMF . * scsi: qla2xxx: Refer directly to the qla2xxx_driver_template . * scsi: qla2xxx: Remove default fabric ops callouts . * scsi: qla2xxx: Replace all non-returning strlcpy with strscpy . * scsi: qla2xxx: Replace all non-returning strlcpy with strscpy . * scsi: qla2xxx: Update version to 10.02.08.300-k . * scsi: qla2xxx: Update version to 10.02.08.300-k . * scsi: qla2xxx: Wait for io return on terminate rport . * scsi: qla2xxx: Wait for io return on terminate rport . * scsi: storvsc: Parameterize number hardware queues . * sctp: avoid flushing unsent queue when doing asoc reset . * sctp: fix erroneous inc of snmp SctpFragUsrMsgs . * sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege . * sctp: make use of pre-calculated len . * seccomp: Set PF_SUPERPRIV when checking capability . * sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe . * sit: fix IFLA_MTU ignored on NEWLINK . * stmmac: fix valid numbers of unicast filter entries . * sunvnet: does not support GSO for sctp . * usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode . * usb: early: xhci-dbc: Fix a potential out-of-bound memory access . * vrf: mark skb for multicast or link-local as enslaved to VRF . * wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two"s complement . * wcn36xx: Add ieee80211 rx status rate information . * wcn36xx: Channel list update before hardware scan . * wcn36xx: Disable bmps when encryption is disabled . * wcn36xx: Ensure finish scan is not requested before start scan . * wcn36xx: Fix TX data path . * wcn36xx: Fix multiple AMPDU sessions support . * wcn36xx: Fix software-driven scan . * wcn36xx: Fix warning due to bad rate_idx . * wcn36xx: Increase number of TX retries . * wcn36xx: Specify ieee80211_rx_status.nss . * wcn36xx: Use kmemdup instead of duplicating it in wcn36xx_smd_process_ptt_msg_rsp . * wcn36xx: Use sequence number allocated by mac80211 . * wcn36xx: disable HW_CONNECTION_MONITOR . * wcn36xx: ensure pairing of init_scan/finish_scan and start_scan/end_scan . * wcn36xx: fix spelling mistake "to" -greater than "too" . * wcn36xx: fix typo . * wcn36xx: remove unecessary return . * wcn36xx: use dma_zalloc_coherent instead of allocator/memset . * workqueue: Fix hung time report of worker pools . * workqueue: Interrupted create_worker is not a repeated event . * workqueue: Print backtraces from CPUs with hung CPU bound workqueues . * workqueue: Warn when a new worker could not be created . * workqueue: Warn when a rescuer could not be created . * x86/kvm/vmx: fix old-style function declaration . * x86/kvm: Do not call kvm_spurious_fault from .fixup . * x86: kvm: avoid constant-conversion warning . * xen/netback: do not do grant copy across page boundary . * xen/netback: use same error messages for same errors . * xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies . ## Special Instructions and Notes: * Please reboot the system after installing this update.