OVAL

SUSE-SU-2023:3333-1 -- SLES kernel

ID: oval:org.secpod.oval:def:89049271
Date: (C)2023-08-30   (M)2024-04-25
Class: PATCH
Family: unix




The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

* CVE-2023-3268: Fixed an out-of-bounds memory access flaw in relay_file_read_start_pos in relayfs.
* CVE-2023-3776: Fixed an improper refcount update in cls_fw that leads to use-after-free.
* CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'.
* CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c.
* CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec.
* CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information.
* CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambiguation'.
* CVE-2017-18344: Fixed an OOB access caused by an invalid check in timer_create.
* CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event.
* CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.
* CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font.
* CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c that allowed local attackers to crash the system at device disconnect.
* CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback.

The following non-security bugs were fixed:

* fbcon: Check font dimension limits.
* firewire: fix potential uaf in outbound_phy_packet_callback.
* kABI: restore _copy_from_user on x86_64 and copy_to_user on x86.
* media: dm1105: Fix use after free bug in dm1105_remove due to race condition.
* media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221.
* memstick: r592: Fix UAF bug in r592_remove due to race condition.
* net/sched: cls_fw: Fix improper refcount update leads to use-after-free.
* pkt_sched: fix error return code in fw_change_attrs.
* posix-timer: Properly check sigevent->sigev_notify.
* relayfs: fix out-of-bounds access in relay_file_read.
* uaccess: Add speculation barrier to copy_from_user.
* vc_screen: don't clobber return value in vcs_read.
* vc_screen: modify vcs_size handling in vcs_read.
* vc_screen: move load of struct vc_data pointer in vcs_read to avoid UAF.
* x86: Unify copy_from_user size checking.
* x86/copy_user: Unify the code by removing the 64-bit asm _copy_*_user variants.
* x86/cpu/amd: Add a Zenbleed fix.
* x86/speculation: Add Gather Data Sampling mitigation.

Special Instructions and Notes:

* Please reboot the system after installing this update.

Platform:
SUSE Linux Enterprise Server 11 SP4
Product:
kernel
Reference:
SUSE-SU-2023:3333-1
CVE-2017-18344
CVE-2018-3639
CVE-2022-40982
CVE-2022-45919
CVE-2023-0459
CVE-2023-20593
CVE-2023-3141
CVE-2023-3159
CVE-2023-3161
CVE-2023-3268
CVE-2023-3567
CVE-2023-35824
CVE-2023-3776
CPE    2
cpe:/o:suse:suse_linux_enterprise_server:11:sp4
cpe:/o:linux:linux_kernel

© SecPod Technologies