The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information . * CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service . * CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege . * CVE-2023-20569: Fixed side channel attack 'Inception' or 'RAS Poisoning' . The following non-security bugs were fixed: * Get module prefix from kmod . * USB: add NO_LPM quirk for Realforce 87U Keyboard . * USB: core: add quirk for Alcor Link AK9563 smartcard reader . * USB: core: hub: Disable autosuspend for Cypress CY7C65632 . * USB: hcd-pci: Fully suspend across freeze/thaw cycle . * USB: hub: Add delay for SuperSpeed hub resume to let links transit to U0 . * USB: serial: option: add Fibocom FM160 0x0111 composition . * USB: serial: option: add Quectel EM05-G modem . * USB: serial: option: add Quectel EM05-G modem . * USB: serial: option: add Sierra Wireless EM9191 . * USB: serial: option: add u-blox LARA-R6 00B modem . * blkcg, writeback: dead memcgs shouldn"t contribute to writeback ownership arbitration . * btrfs: fix resolving backrefs for inline extent followed by prealloc . * delete suse/memcg-drop-kmem-limit_in_bytes. drop the patch in order to fix bsc#1213705. * dlm: Delete an unnecessary variable initialisation in dlm_ls_start . * dlm: NULL check before kmem_cache_destroy is not needed . * dlm: fix invalid cluster name warning . * dlm: fix missing idr_destroy for recover_idr . * dlm: fix missing lkb refcount handling . * dlm: fix plock invalid read . * dlm: fix possible call to kfree for non-initialized pointer . * ext4: Fix reusing stale buffer heads from last failed mounting . * ext4: add inode table check in __ext4_get_inode_loc to aovid possible infinite loop . * ext4: avoid BUG_ON when creating xattrs . * ext4: avoid unaccounted block allocation when expanding inode . * ext4: bail out of ext4_xattr_ibody_get fails for any reason . * ext4: fail ext4_iget if special inode unallocated . * ext4: fix RENAME_WHITEOUT handling for inline directories . * ext4: fix WARNING in ext4_update_inline_data . * ext4: fix bug_on in __es_tree_search caused by bad boot loader inode . * ext4: fix cgroup writeback accounting with fs-layer encryption . * ext4: fix deadlock due to mbcache entry corruption . * ext4: fix error code return to user-space in ext4_get_branch . * ext4: fix i_disksize exceeding i_size problem in paritally written case . * ext4: fix to check return value of freeze_bdev in ext4_shutdown . * ext4: improve error recovery code paths in __ext4_remount . * ext4: init quota for "old.inode" in "ext4_rename" . * ext4: initialize quota before expanding inode in setproject ioctl . * ext4: move where set the MAY_INLINE_DATA flag is set . * ext4: only update i_reserved_data_blocks on successful block allocation . * ext4: zero i_disksize when initializing the bootloader inode . * fs: dlm: cancel work sync othercon . * fs: dlm: filter user dlm messages for kernel locks . * fs: dlm: fix configfs memory leak . * fs: dlm: fix debugfs dump . * fs: dlm: fix memory leak when fenced . * fs: dlm: fix race between test_bit and queue_work . * fs: dlm: handle -EBUSY first in lock arg validation . * fs: fix guard_bio_eod to check for real EOD errors . * fs: prevent BUG_ON in submit_bh_wbc . * fuse: revalidate: do not invalidate if interrupted . * igb: revert rtnl_lock that causes deadlock . * include/trace/events/writeback.h: fix -Wstringop-truncation warnings . * inotify: Avoid reporting event with invalid wd . * jbd2: Fix statistics for the number of logged blocks . * jbd2: abort journal if free a async write error metadata buffer . * jbd2: fix assertion "jh- greater than;b_frozen_data == NULL" failure when journal aborted . * jbd2: fix data races at struct journal_head . * jbd2: fix invalid descriptor block checksum . * jbd2: fix race when writing superblock . * jdb2: Do not refuse invalidation of already invalidated buffers . * kernel-docs: Add buildrequires on python3-base when using python3 The python3 binary is provided by python3-base. * kernel-docs: Use python3 together with python3-Sphinx . * lib/string: Add strscpy_pad function . * mbcache: Fixup kABI of mb_cache_entry . * memcg: drop kmem.limit_in_bytes . * memcg: fix a crash in wb_workfn when a device disappears . * net: mana: Add support for vlan tagging . * ocfs2: check new file size on fallocate call . * ocfs2: fix use-after-free when unmounting read-only filesystem . * powerpc/64: update speculation_store_bypass in /proc/ less than;pid greater than;/status . * powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross- boundary . * rpm/check-for-config-changes: ignore also PAHOLE_HAS_* We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE. * s390/cio: check the subchannel validity for dev_busid . * s390/cpum_sf: adjust sampling interval to avoid hitting sample limits . * s390/dasd: fix memleak in path handling error case . * s390/maccess: add no dat mode to kernel_write . * s390/numa: move initial setup of node_to_cpumask_map . * s390/perf: Change CPUM_CF return code in event init function . * s390/perf: Return error when debug_register fails . * s390: limit brk randomization to 32MB . * scsi: qla2xxx: update version to 10.02.08.400-k . * uas: add no-uas quirk for Hiksemi usb_disk . * uas: ignore UAS for Thinkplus chips . * ubi: Fix failure attaching when vid_hdr offset equals to page size . * ubi: ensure that VID header offset + VID header size less than;= alloc, size . * udf: Avoid double brelse in udf_rename . * udf: Check consistency of Space Bitmap Descriptor . * udf: Define EFSCORRUPTED error code . * udf: Discard preallocation before extending file with a hole . * udf: Do not bother looking for prealloc extents if i_lenExtents matches i_size . * udf: Do not bother merging very long extents . * udf: Do not update file length for failed writes to inline files . * udf: Drop unused arguments of udf_delete_aext . * udf: Fix extending file within last block . * udf: Fix preallocation discarding at indirect extent boundary . * udf: Truncate added extents on failed expansion . * update suse/s390-dasd-fix-no-record-found-for-raw_track_access . * update suse/scsi-zfcp-fix-missing-auto-port-scan-and-thus-missing-target- ports . * usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS . * usrmerge: Adjust module path in the kernel sources . * vfio-ccw: Do not call flush_workqueue while holding the spinlock . * vfio-ccw: fence off transport mode . * vfio-ccw: prevent quiesce function going into an infinite loop . * vfio-ccw: release any channel program when releasing/removing vfio-ccw mdev . * writeback: fix call of incorrect macro . * x86/bugs: Enable STIBP for JMP2RET . * x86/bugs: Remove apostrophe typo . * x86/bugs: Warn when 'ibrs' mitigation is selected on Enhanced IBRS parts . * x86/cpu: Load microcode during restore_processor_state . * x86/delay: Fix the wrong asm constraint in delay_loop . * x86/speculation/mmio: Print SMT warning . * x86: Fix return value of __setup handlers . ## Special Instructions and Notes: * Please reboot the system after installing this update.