The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-20569: Fixed side channel attack 'Inception' or 'RAS Poisoning' . * CVE-2023-21400: Fixed several memory corruptions due to improper locking in io_uring . * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol . * CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter . * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl . * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs . * CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c . * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after- free . * CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo . The following non-security bugs were fixed: * afs: Fix access after dec in put functions . * afs: Fix afs_getattr to refetch file status if callback break occurred . * afs: Fix dynamic root getattr . * afs: Fix fileserver probe RTT handling . * afs: Fix infinite loop found by xfstest generic/676 . * afs: Fix lost servers_outstanding count . * afs: Fix server- greater than active leak in afs_put_server . * afs: Fix setting of mtime when creating a file/dir/symlink . * afs: Fix updating of i_size with dv jump from server . * afs: Fix vlserver probe RTT handling . * afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked . * afs: Use refcount_t rather than atomic_t . * afs: Use the operation issue time instead of the reply time for callbacks . * afs: adjust ack interpretation to try and cope with nat . * alsa: emu10k1: roll up loops in dsp setup code for audigy . * alsa: hda/realtek: support asus g713pv laptop . * alsa: hda/relatek: enable mute led on hp 250 g8 . * alsa: usb-audio: add quirk for microsoft modern wireless headset . * alsa: usb-audio: update for native dsd support quirks . * asoc: atmel: fix the 8k sample parameter in i2sc master . * asoc: codecs: es8316: fix dmic config . * asoc: da7219: check for failure reading aad irq events . * asoc: da7219: flush pending aad irq when suspending . * asoc: fsl_sai: disable bit clock with transmitter . * asoc: fsl_spdif: silence output on stop . * asoc: rt5682-sdw: fix for jd event handling in clockstop mode0 . * asoc: rt711-sdca: fix for jd event handling in clockstop mode0 . * asoc: rt711: fix for jd event handling in clockstop mode0 . * asoc: wm8904: fill the cache for wm8904_adc_test_0 register . * ata: pata_ns87415: mark ns87560_tf_read static . * block, bfq: Fix division by zero error on zero wsum . * block: Fix a source code comment in include/uapi/linux/blkzoned.h . * can: gs_usb: gs_can_close: add missing set of CAN state to CAN_STATE_STOPPED . * ceph: do not let check_caps skip sending responses for revoke msgs . * coda: Avoid partial allocation of sig_inputArgs . * dlm: fix missing lkb refcount handling . * dlm: fix plock invalid read . * documentation: devices.txt: reconcile serial/ucc_uart minor numers . * drm/amd/display: Disable MPC split by default on special asic . * drm/amd/display: Keep PHY active for DP displays on DCN31 . * drm/client: Fix memory leak in drm_client_modeset_probe . * drm/msm/adreno: Fix snapshot BINDLESS_DATA size . * drm/msm/dpu: drop enum dpu_core_perf_data_bus_id . * drm/msm: Fix IS_ERR_OR_NULL vs NULL check in a5xx_submit_in_rb . * drm/radeon: Fix integer overflow in radeon_cs_parser_init . * file: always lock position for FMODE_ATOMIC_POS . * fs: dlm: add midcomms init/start functions . * fs: dlm: do not set stop rx flag after node reset . * fs: dlm: filter user dlm messages for kernel locks . * fs: dlm: fix log of lowcomms vs midcomms . * fs: dlm: fix race between test_bit and queue_work . * fs: dlm: fix race in lowcomms . * fs: dlm: handle -EBUSY first in lock arg validation . * fs: dlm: move sending fin message into state change handling . * fs: dlm: retry accept until -EAGAIN or error returns . * fs: dlm: return positive pid value for F_GETLK . * fs: dlm: start midcomms before scand . * fs: hfsplus: remove WARN_ON from hfsplus_cat_{read,write}_inode . * fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev . * fs: jfs: check for read-only mounted filesystem in txbegin . * fs: jfs: fix null-ptr-deref read in txbegin . * gve: Set default duplex configuration to full . * gve: unify driver name usage . * hwmon: Enable AMD3255 Proc to show negative temperature . * hwmon: Fix for temp6 processed even if PECI1 disabled . * iavf: Fix out-of-bounds when setting channels on remove . * iavf: Fix use-after-free in free_netdev . * iavf: use internal state to free traffic IRQs . * igc: Check if hardware TX timestamping is enabled earlier . * igc: Enable and fix RX hash usage by netstack . * igc: Fix Kernel Panic during ndo_tx_timeout callback . * igc: Fix inserting of empty frame for launchtime . * igc: Fix launchtime before start of cycle . * igc: Fix race condition in PTP tx code . * igc: Handle PPS start time programming for past time values . * igc: Prevent garbled TX queue with XDP ZEROCOPY . * igc: Remove delay during TX ring configuration . * igc: Work around HW bug causing missing timestamps . * igc: set TP bit in "supported" and "advertising" fields of ethtool_link_ksettings . * input: i8042 - add clevo pcx0dx to i8042 quirk table . * input: iqs269a - do not poll during ati . * input: iqs269a - do not poll during suspend or resume . * jffs2: GC deadlock reading a page that is used in jffs2_write_begin . * jffs2: fix memory leak in jffs2_do_fill_super . * jffs2: fix memory leak in jffs2_do_mount_fs . * jffs2: fix memory leak in jffs2_scan_medium . * jffs2: fix use-after-free in jffs2_clear_xattr_subsystem . * jffs2: reduce stack usage in jffs2_build_xattr_subsystem . * jfs: jfs_dmap: Validate db_l2nbperpage while mounting . * kvm: arm64: do not read a hw interrupt pending state in user context * kvm: arm64: warn if accessing timer pending state outside of vcpu * kvm: do not null dereference ops- greater than destroy * kvm: downgrade two bug_ons to warn_on_once * kvm: initialize debugfs_dentry when a vm is created to avoid null * kvm: s390: pv: fix index value of replaced asce . * kvm: vmx: inject #gp on encls if vcpu has paging disabled . * kvm: vmx: inject #gp, not #ud, if sgx2 encls leafs are unsupported . * kvm: vmx: restore vmx_vmexit alignment . * kvm: x86: account fastpath-only vm-exits in vcpu stats . * libceph: harden msgr2.1 frame segment length checks . * media: staging: atomisp: select V4L2_FWNODE . * net/sched: sch_qfq: refactor parsing of netlink parameters . * net/sched: sch_qfq: reintroduce lmax bound check for MTU . * net: ena: fix shift-out-of-bounds in exponential backoff . * net: mana: Batch ringing RX queue doorbell on receiving packets . * net: mana: Use the correct WQE count for ringing RQ doorbell . * net: phy: marvell10g: fix 88x3310 power up . * nfsd: add encoding of op_recall flag for write delegation . * nfsd: fix double fget bug in __write_ports_addfd . * nfsd: fix sparse warning . * nfsd: remove open coding of string copy . * nfsv4.1: always send a reclaim_complete after establishing lease . * nfsv4.1: freeze the session table upon receiving nfs4err_badsession . * nvme-pci: fix DMA direction of unmapping integrity data . * nvme-pci: remove nvme_queue from nvme_iod . * octeontx-af: fix hardware timestamp configuration . * octeontx2-af: Move validation of ptp pointer before its usage . * octeontx2-pf: Add additional check for MCAM rules . * phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe . * pinctrl: amd: Do not show `Invalid config param` errors . * pinctrl: amd: Use amd_pinconf_set for all config options . * platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 . * rdma/bnxt_re: fix hang during driver unload * rdma/bnxt_re: prevent handling any completions after qp destroy * rdma/core: update cma destination address on rdma_resolve_addr * rdma/irdma: add missing read barriers * rdma/irdma: fix data race on cqp completion stats * rdma/irdma: fix data race on cqp request done * rdma/irdma: fix op_type reporting in cqes * rdma/irdma: report correct wc error * rdma/mlx4: make check for invalid flags stricter * rdma/mthca: fix crash when polling cq for shared qps * regmap: Account for register length in SMBus I/O limits . * regmap: Drop initial version of maximum transfer length fixes . * revert "debugfs, coccinelle: check for obsolete define_simple_attribute usage" . * revert "nfsv4: retry lock on old_stateid during delegation return" . * revert "usb: dwc3: core: enable autoretry feature in the controller" . * revert "usb: gadget: tegra-xudc: fix error check in tegra_xudc_powerdomain_init" . * revert "usb: xhci: tegra: fix error check" . * revert "xhci: add quirk for host controllers that do not update endpoint dcs" . * rxrpc, afs: Fix selection of abort codes . * s390/bpf: Add expoline to tail calls . * s390/dasd: fix hanging device after quiesce/resume . * s390/decompressor: specify __decompress buf len to avoid overflow . * s390/ipl: add missing intersection check to ipl_report handling . * s390/qeth: Fix vipa deletion . * s390/vmem: fix empty page tables cleanup under KASAN . * s390: introduce nospec_uses_trampoline . * scftorture: Count reschedule IPIs . * scsi: lpfc: Abort outstanding ELS cmds when mailbox timeout error is detected . * scsi: lpfc: Avoid -Wstringop-overflow warning . * scsi: lpfc: Clean up SLI-4 sysfs resource reporting . * scsi: lpfc: Copyright updates for 14.2.0.14 patches . * scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan . * scsi: lpfc: Fix incorrect big endian type assignment in bsg loopback path . * scsi: lpfc: Fix incorrect big endian type assignments in FDMI and VMID paths . * scsi: lpfc: Fix lpfc_name struct packing . * scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited LOGO . * scsi: lpfc: Pull out fw diagnostic dump log message from driver"s trace buffer . * scsi: lpfc: Qualify ndlp discovery state when processing RSCN . * scsi: lpfc: Refactor cpu affinity assignment paths . * scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology . * scsi: lpfc: Replace all non-returning strlcpy with strscpy . * scsi: lpfc: Replace one-element array with flexible-array member . * scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and lpfc_drop_node . * scsi: lpfc: Set Establish Image Pair service parameter only for Target Functions . * scsi: lpfc: Simplify fcp_abort transport callback log message . * scsi: lpfc: Update lpfc version to 14.2.0.14 . * scsi: lpfc: Use struct_size helper . * scsi: qla2xxx: Adjust IOCB resource on qpair create . * scsi: qla2xxx: Array index may go out of bound . * scsi: qla2xxx: Avoid fcport pointer dereference . * scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport . * scsi: qla2xxx: Correct the index of array . * scsi: qla2xxx: Drop useless LIST_HEAD . * scsi: qla2xxx: Fix NULL pointer dereference in target mode . * scsi: qla2xxx: Fix TMF leak through . * scsi: qla2xxx: Fix buffer overrun . * scsi: qla2xxx: Fix command flush during TMF . * scsi: qla2xxx: Fix deletion race condition . * scsi: qla2xxx: Fix end of loop test . * scsi: qla2xxx: Fix erroneous link up failure . * scsi: qla2xxx: Fix error code in qla2x00_start_sp . * scsi: qla2xxx: Fix potential NULL pointer dereference . * scsi: qla2xxx: Fix session hang in gnl . * scsi: qla2xxx: Limit TMF to 8 per function . * scsi: qla2xxx: Pointer may be dereferenced . * scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue . * scsi: qla2xxx: Replace one-element array with DECLARE_FLEX_ARRAY helper . * scsi: qla2xxx: Silence a static checker warning . * scsi: qla2xxx: Turn off noisy message log . * scsi: qla2xxx: Update version to 10.02.08.400-k . * scsi: qla2xxx: Update version to 10.02.08.500-k . * scsi: qla2xxx: Use vmalloc_array and vcalloc . * scsi: qla2xxx: fix inconsistent TMF timeout . * serial: qcom-geni: drop bogus runtime pm state update . * serial: sifive: Fix sifive_serial_console_setup section . * soundwire: qcom: update status correctly with mask . * staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext . * staging: r8712: Fix memory leak in _r8712_init_xmit_priv . * sunrpc: always free ctxt when freeing deferred request . * sunrpc: double free xprt_ctxt while still in use . * sunrpc: fix trace_svc_register call site . * sunrpc: fix uaf in svc_tcp_listen_data_ready . * sunrpc: remove dead code in svc_tcp_release_rqst . * sunrpc: remove the maximum number of retries in call_bind_status . * svcrdma: Prevent page release when nothing was received . * tpm_tis: Explicitly check for error code . * tty: n_gsm: fix UAF in gsm_cleanup_mux . * ubifs: Add missing iput if do_tmpfile failed in rename whiteout . * ubifs: Error path in ubifs_remount_rw seems to wrongly free write buffers . * ubifs: Fix "ui- greater than dirty" race between do_tmpfile and writeback work . * ubifs: Fix AA deadlock when setting xattr for encrypted file . * ubifs: Fix build errors as symbol undefined . * ubifs: Fix deadlock in concurrent rename whiteout and inode writeback . * ubifs: Fix memory leak in alloc_wbufs . * ubifs: Fix memory leak in do_rename . * ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock . * ubifs: Fix to add refcount once page is set private . * ubifs: Fix wrong dirty space budget for dirty inode . * ubifs: Free memory for tmpfile name . * ubifs: Rectify space amount budget for mkdir/tmpfile operations . * ubifs: Rectify space budget for ubifs_symlink if symlink is encrypted . * ubifs: Rectify space budget for ubifs_xrename . * ubifs: Rename whiteout atomically . * ubifs: Reserve one leb for each journal head while doing budget . * ubifs: do_rename: Fix wrong space budget when target inode"s nlink greater than 1 . * ubifs: rename_whiteout: Fix double free for whiteout_ui- greater than data . * ubifs: rename_whiteout: correct old_dir size computing . * ubifs: setflags: Make dirtied_ino_d 8 bytes aligned . * ubifs: ubifs_writepage: Mark page dirty after writing inode failed . * usb: dwc3: do not reset device side if dwc3 was configured as host-only . * usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy . * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate . * usb: xhci-mtk: set the dma max_seg_size . * vhost: support PACKED when setting-getting vring_base . * vhost_net: revert upend_idx only on retriable error . * virtio-net: Maintain reverse cleanup order . * virtio_net: Fix error unwinding of XDP initialization . * x86/PVH: obtain VGA console info in Dom0 . * xen/blkfront: Only check REQ_FUA for writes . * xen/pvcalls-back: fix double frees with pvcalls_new_active_socket . ## Special Instructions and Notes: * Please reboot the system after installing this update.