
SUSE-SU-2023:3172-1 -- SLES kernel

ID: oval:org.secpod.oval:def:89049338
Date: (C)2023-08-30 (M)2024-04-29
Class: PATCH
Family: unix




The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

* CVE-2023-2985: Fixed a use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service.
* CVE-2023-3117: Fixed a use-after-free vulnerability in the netfilter subsystem when processing named and anonymous sets in batch requests that could allow a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.
* CVE-2023-3390: Fixed a use-after-free vulnerability in the netfilter subsystem in net/netfilter/nf_tables_api.c that could allow a local attacker with user access to cause a privilege escalation issue.
* CVE-2023-3812: Fixed an out-of-bounds memory access flaw in the TUN/TAP device driver functionality that could allow a local user to crash or potentially escalate their privileges on the system.
* CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information.
* CVE-2023-31248: Fixed a use-after-free vulnerability in nft_chain_lookup_byid that could allow a local attacker to escalate their privilege.
* CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege.

The following non-security bugs were fixed:

* Dropped patch that caused issues with k3s.
* ASoC: Intel: sof_sdw: remove SOF_SDW_TGL_HDMI for MeteorLake devices.
* ASoC: SOF: topology: Fix logic for copying tuples.
* Bluetooth: ISO: Fix CIG auto-allocation to select configurable CIG.
* Bluetooth: ISO: consider right CIS when removing CIG at cleanup.
* Bluetooth: ISO: fix iso_conn related locking and validity issues.
* Bluetooth: ISO: use hci_sync for setting CIG parameters.
* Bluetooth: fix invalid-bdaddr quirk for non-persistent setup.
* Bluetooth: fix use-bdaddr-property quirk.
* Bluetooth: hci_bcm: do not mark valid bd_addr as invalid.
* Bluetooth: hci_event: call disconnect callback before deleting conn.
* Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor.
* Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync.
* Enable NXP SNVS RTC driver for i.MX 8MQ/8MP
* PCI: s390: Fix use-after-free of PCI resources with per-function hotplug.
* PCI: vmd: Fix uninitialized variable usage in vmd_enable_domain.
* Revert "arm64: dts: zynqmp: Add address-cells property to interrupt
* Revert "drm/i915: Disable DSB usage for now".
* USB: dwc2: Fix some error handling paths.
* USB: gadget: udc: core: Offload usb_udc_vbus_handler processing.
* USB: gadget: udc: core: Prevent soft_connect_store race.
* USB: typec: Fix fast_role_swap_current show function.
* Update config and supported.conf files due to renaming.
* acpi: Fix suspend with Xen PV.
* adreno: Shutdown the GPU properly.
* arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
* arm64: dts: microchip: sparx5: do not use PSCI on reference boards
* arm64: vdso: Pass to virt_to_page
* arm64: xor-neon: mark xor_arm64_neon_* static
* can: bcm: Fix UAF in bcm_proc_show.
* ceph: add a dedicated private data for netfs rreq.
* ceph: fix blindly expanding the readahead windows.
* cifs: add a warning when the in-flight count goes negative.
* cifs: address unused variable warning.
* cifs: do all necessary checks for credits within or before locking.
* cifs: fix lease break oops in xfstest generic/098.
* cifs: fix max_credits implementation.
* cifs: fix session state check in reconnect to avoid use-after-free issue.
* cifs: fix session state check in smb2_find_smb_ses.
* cifs: fix session state transition to avoid use-after-free issue.
* cifs: fix sockaddr comparison in iface_cmp.
* cifs: fix status checks in cifs_tree_connect.
* cifs: log session id when a matching ses is not found.
* cifs: new dynamic tracepoint to track ses not found errors.
* cifs: prevent use-after-free by freeing the cfile later.
* cifs: print all credit counters in DebugData.
* cifs: print client_guid in DebugData.
* cifs: print more detail when invalidate_inode_mapping fails.
* cifs: print nosharesock value while dumping mount options.
* codel: fix kernel-doc notation warnings.
* cpufreq: tegra194: Fix module loading.
* devlink: fix kernel-doc notation warnings.
* dma-buf/dma-resv: Stop leaking on krealloc failure.
* drm/amd/amdgpu: introduce gc_*_mes_2.bin v2.
* drm/amd/amdgpu: limit one queue per gang.
* drm/amd/amdgpu: update mes11 api def.
* drm/amd/display : fix enum mismatch.
* drm/amd/display: Add Z8 allow states to z-state support list.
* drm/amd/display: Add debug option to skip PSR CRTC disable.
* drm/amd/display: Add minimum Z8 residency debug option.
* drm/amd/display: Add missing WA and MCLK validation.
* drm/amd/display: Change default Z8 watermark values.
* drm/amd/display: Correct DML calculation to align HW formula.
* drm/amd/display: Correct DML calculation to follow HW SPEC.
* drm/amd/display: Do not update DRR while BW optimizations pending.
* drm/amd/display: Enable HostVM based on rIOMMU active.
* drm/amd/display: Enforce 60us prefetch for 200Mhz DCFCLK modes.
* drm/amd/display: Ensure vmin and vmax adjust for DCE.
* drm/amd/display: Fix 4to1 MPC black screen with DPP RCO.
* drm/amd/display: Fix Z8 support configurations.
* drm/amd/display: Fix a test CalculatePrefetchSchedule.
* drm/amd/display: Fix a test dml32_rq_dlg_get_rq_reg.
* drm/amd/display: Have Payload Properly Created After Resume.
* drm/amd/display: Lowering min Z8 residency time.
* drm/amd/display: Reduce sdp bw after urgent to 90%.
* drm/amd/display: Refactor eDP PSR codes.
* drm/amd/display: Remove FPU guards from the DML folder.
* drm/amd/display: Remove optimization for VRR updates.
* drm/amd/display: Remove stutter only configurations.
* drm/amd/display: Update Z8 SR exit/enter latencies.
* drm/amd/display: Update Z8 watermarks for DCN314.
* drm/amd/display: Update minimum stutter residency for DCN314 Z8.
* drm/amd/display: filter out invalid bits in pipe_fuses.
* drm/amd/display: fix PSR-SU/DSC interoperability support.
* drm/amd/display: fix a divided-by-zero error.
* drm/amd/display: fixed dcn30+ underflow issue.
* drm/amd/display: limit timing for single dimm memory.
* drm/amd/display: populate subvp cmd info only for the top pipe.
* drm/amd/display: set dcn315 lb bpp to 48.
* drm/amd/pm: add missing NotifyPowerSource message mapping for SMU13.0.7.
* drm/amd/pm: avoid potential UBSAN issue on legacy asics.
* drm/amd/pm: conditionally disable pcie lane switching for some sienna_cichlid SKUs.
* drm/amd/pm: fix possible power mode mismatch between driver and PMFW.
* drm/amd/pm: resolve reboot exception for si oland.
* drm/amd/pm: reverse mclk and fclk clocks levels for SMU v13.0.4.
* drm/amd/pm: reverse mclk clocks levels for SMU v13.0.5.
* drm/amd/pm: workaround for compute workload type on some skus.
* drm/amd: Add a new helper for loading/validating microcode.
* drm/amd: Do not allow s0ix on APUs older than Raven.
* drm/amd: Load MES microcode during early_init.
* drm/amd: Use `amdgpu_ucode_*` helpers for MES.
* drm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well.
* drm/amdgpu/gfx11: update gpu_clock_counter logic.
* drm/amdgpu/gfx: set cg flags to enter/exit safe mode.
* drm/amdgpu/gmc11: implement get_vbios_fb_size.
* drm/amdgpu/jpeg: Remove harvest checking for JPEG3.
* drm/amdgpu/mes11: enable reg active poll.
* drm/amdgpu/vcn: Disable indirect SRAM on Vangogh broken BIOSes.
* drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel.
* drm/amdgpu: Do not set struct drm_driver.output_poll_changed.
* drm/amdgpu: Fix desktop freezed after gpu-reset.
* drm/amdgpu: Fix memcpy in sienna_cichlid_append_powerplay_table function.
* drm/amdgpu: Fix sdma v4 sw fini error.
* drm/amdgpu: Fix usage of UMC fill record in RAS.
* drm/amdgpu: Force signal hw_fences that are embedded in non-sched jobs.
* drm/amdgpu: add mes resume when do gfx post soft reset.
* drm/amdgpu: change reserved vram info print.
* drm/amdgpu: declare firmware for new MES 11.0.4.
* drm/amdgpu: enable tmz by default for GC 11.0.1.
* drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini.
* drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini.
* drm/amdgpu: fix an amdgpu_irq_put issue in gmc_v9_0_hw_fini.
* drm/amdgpu: refine get gpu clock counter method.
* drm/amdgpu: remove deprecated MES version vars.
* drm/amdgpu: reserve the old gc_11_0_*_mes.bin.
* drm/amdgpu: set gfx9 onwards APU atomics support to be true.
* drm/amdgpu: vcn_4_0 set instance 0 init sched score to 1.
* drm/bridge: anx7625: Convert to i2c's .probe_new.
* drm/bridge: anx7625: Fix refcount bug in anx7625_parse_dt.
* drm/bridge: anx7625: Prevent endless probe loop.
* drm/bridge: it6505: Move a variable assignment behind a null pointer check in receive_timing_debugfs_show.
* drm/bridge: tc358767: Switch to devm MIPI-DSI helpers.
* drm/bridge: tc358768: Add atomic_get_input_bus_fmts implementation.
* drm/bridge: tc358768: fix TCLK_TRAILCNT computation.
* drm/bridge: tc358768: fix THS_TRAILCNT computation.
* drm/bridge: tc358768: fix THS_ZEROCNT computation.
* drm/bridge: ti-sn65dsi83: Fix enable error path.
* drm/client: Fix memory leak in drm_client_target_cloned.
* drm/display/dp_mst: Fix payload addition on a disconnected sink.
* drm/display: Do not block HDR_OUTPUT_METADATA on unknown EOTF.
* drm/drm_vma_manager: Add drm_vma_node_allow_once.
* drm/dsc: fix DP_DSC_MAX_BPP_DELTA_* macro values.
* drm/dsc: fix drm_edp_dsc_sink_output_bpp DPCD high byte usage.
* drm/etnaviv: move idle mapping reaping into separate function.
* drm/etnaviv: reap idle mapping if it does not match the softpin address.
* drm/i915/dp_mst: Add the MST topology state for modesetted CRTCs.
* drm/i915/fbdev: lock the fbdev obj before vma pin.
* drm/i915/gt: Cleanup partial engine discovery failures.
* drm/i915/guc: Add error-capture init warnings when needed.
* drm/i915/guc: Fix missing ecodes.
* drm/i915/guc: Limit scheduling properties to avoid overflow.
* drm/i915/guc: Rename GuC register state capture node to be more obvious.
* drm/i915/mtl: update scaler source and destination limits for MTL.
* drm/i915/sdvo: Grab mode_config.mutex during LVDS init to avoid WARNs.
* drm/i915/sseu: fix max_subslices array-index-out-of-bounds access.
* drm/i915/tc: Fix TC port link ref init for DP MST during HW readout.
* drm/i915: Allow panel fixed modes to have differing sync polarities.
* drm/i915: Check pipe source size when using skl+ scalers.
* drm/i915: Do panel VBT init early if the VBT declares an explicit panel type.
* drm/i915: Fix TypeC mode initialization during system resume.
* drm/i915: Fix a memory leak with reused mmap_offset.
* drm/i915: Fix negative value passed as remaining time.
* drm/i915: Fix one wrong caching mode enum usage.
* drm/i915: Introduce intel_panel_init_alloc.
* drm/i915: Never return 0 if not all requests retired.
* drm/i915: Populate encoder->devdata for DSI on icl+.
* drm/i915: Print return value on error.
* drm/i915: Use _MMIO_PIPE for SKL_BOTTOM_COLOR.
* drm/meson: Fix return type of meson_encoder_cvbs_mode_valid.
* drm/msm/a5xx: really check for A510 in a5xx_gpu_init.
* drm/msm/adreno: Simplify read64/write64 helpers.
* drm/msm/adreno: fix runtime PM imbalance at unbind.
* drm/msm/disp/dpu: get timing engine status from intf status register.
* drm/msm/dpu: Add DSC hardware blocks to register snapshot.
* drm/msm/dpu: Assign missing writeback log_mask.
* drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK.
* drm/msm/dpu: clean up dpu_kms_get_clk_rate returns.
* drm/msm/dpu: set DSC flush bit correctly at MDP CTL flush register.
* drm/msm/hdmi: use devres helper for runtime PM management.
* drm/panel: boe-tv101wum-nl6: Ensure DSI writes succeed during disable.
* drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags.
* drm/panel: simple: Add connector_type for innolux_at043tn24.
* drm/rockchip: dw_hdmi: cleanup drm encoder during unbind.
* drm/ttm: Do not leak a resource on swapout move error.
* drm/virtio: Fix memory leak in virtio_gpu_object_create.
* drm/virtio: Simplify error handling of virtio_gpu_object_create.
* drm/vmwgfx: Refactor resource manager's hashtable to use linux/hashtable implementation.
* drm/vmwgfx: Refactor resource validation hashtable to use linux/hashtable implementation.
* drm/vmwgfx: Refactor ttm reference object hashtable to use linux/hashtable.
* drm/vmwgfx: Remove ttm object hashtable.
* drm/vmwgfx: Remove vmwgfx_hashtab.
* drm/vmwgfx: Write the driver id registers.
* drm: Add fixed-point helper to get rounded integer values.
* drm: Add missing DP DSC extended capability definitions.
* drm: Optimize drm buddy top-down allocation method.
* drm: buddy_allocator: Fix buddy allocator init on 32-bit systems.
* drm: panel-orientation-quirks: Add quirk for DynaBook K50.
* drm: rcar-du: Add quirk for H3 ES1.x pclk workaround.
* drm: rcar-du: Fix setting a reserved bit in DPLLCR.
* drm: use mgr->dev in drm_dbg_kms in drm_dp_add_payload_part2.
* fuse: ioctl: translate ENOSYS in outarg.
* fuse: revalidate: do not invalidate if interrupted.
* i2c: tegra: Set ACPI node as primary fwnode.
* irqchip/gic-v3: Claim iomem resources
* irqchip/gicv3: Handle resource request failure consistently
* irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4
* kABI: do not check external trampolines for signature.
* kabi/severities: Add VAS symbols changed due to recent fix. VAS accelerators are directly tied to the architecture, there is no reason to have out-of-tree production drivers
* kabi/severities: ignore kABI of i915 module. It's exported only for its sub-module, not really used by externals
* kabi/severities: ignore kABI of vmwgfx. The driver exports a function unnecessarily without used by anyone else. Ignore the kABI changes.
* memcg: drop kmem.limit_in_bytes.
* net: mana: Add support for vlan tagging.
* net: phy: prevent stale pointer dereference in phy_init.
* net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume.
* net: qrtr: start MHI channel after endpoit creation.
* nilfs2: reject devices with insufficient block count.
* ocfs2: Switch to security_inode_init_security.
* ocfs2: check new file size on fallocate call.
* ocfs2: fix use-after-free when unmounting read-only filesystem.
* perf/x86/amd/core: Always clear status for idx.
* pie: fix kernel-doc notation warning.
* powerpc/64: Only WARN if __pa/__va called with bad addresses.
* powerpc/64s: Fix VAS mm use after free.
* powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo.
* powerpc/bpf: Fix use of user_pt_regs in uapi.
* powerpc/ftrace: Remove ftrace init tramp once kernel init is complete.
* powerpc/interrupt: Do not read MSR from interrupt_exit_kernel_prepare.
* powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary.
* powerpc/mm: Switch obsolete dssall to .long.
* powerpc/powernv/sriov: perform null check on iov before dereferencing iov.
* powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr.
* powerpc/prom_init: Fix kernel config grep.
* powerpc/pseries/vas: Hold mmap_mutex after mmap lock during window close.
* powerpc/secvar: fix refcount leak in format_show.
* powerpc/xics: fix refcount leak in icp_opal_init.
* powerpc: clean vdso32 and vdso64 directories.
* powerpc: define get_cycles macro for arch-override.
* powerpc: update ppc_save_regs to save current r1 in pt_regs.
* rpm/check-for-config-changes: ignore also RISCV_ISA_* and DYNAMIC_SIGFRAME. They depend on CONFIG_TOOLCHAIN_HAS_*.
* rsi: remove kernel-doc comment marker.
* s390/ap: fix status returned by ap_aqic.
* s390/ap: fix status returned by ap_qact.
* s390/debug: add _ASM_S390_ prefix to header guard.
* s390/pci: clean up left over special treatment for function zero.
* s390/pci: only add specific device in zpci_bus_scan_device.
* s390/pci: remove redundant pci_bus_add_devices on new bus.
* s390/percpu: add READ_ONCE to arch_this_cpu_to_op_simple.
* s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36.
* s390: discard .interp section.
* security: keys: Modify mismatched function name.
* selftests/ir: fix build with ancient kernel headers.
* selftests: cgroup: fix unsigned comparison with less than zero.
* selftests: forwarding: Fix packet matching in mirroring selftests.
* selftests: tc: add "ct" action kconfig dep.
* selftests: tc: add ConnTrack procfs kconfig.
* selftests: tc: set timeout to 15 minutes.
* signal/powerpc: On swapcontext failure force SIGSEGV.
* signal: Replace force_sigsegv with force_fatal_sig.
* smb3: do not reserve too many oplock credits.
* smb3: missing null check in SMB2_change_notify.
* smb: client: fix broken file attrs with nodfs mounts.
* smb: client: fix missed ses refcounting.
* smb: client: fix parsing of source mount option.
* smb: client: fix shared DFS root mounts with different prefixes.
* smb: client: fix warning in CIFSFindFirst.
* smb: client: fix warning in CIFSFindNext.
* smb: client: fix warning in cifs_match_super.
* smb: client: fix warning in cifs_smb3_do_mount.
* smb: client: fix warning in generic_ip_connect.
* smb: client: improve DFS mount check.
* smb: client: remove redundant pointer "server".
* smb: delete an unnecessary statement.
* smb: move client and server files to common directory fs/smb.
* smb: remove obsolete comment.
* soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe.
* soundwire: cadence: Drain the RX FIFO after an IO timeout.
* soundwire: stream: Add missing clear of alloc_slave_rt.
* spi: bcm63xx: fix max prepend length.
* swsmu/amdgpu_smu: Fix the wrong if-condition.
* tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation.
* wifi: airo: avoid uninitialized warning in airo_get_rate.
* wifi: ath10k: Trigger STA disconnect after reconfig complete on hardware restart.
* wifi: ath11k: Add missing check for ioremap.
* wifi: rtw89: debug: fix error code in rtw89_debug_priv_send_h2c_set.
* x86/amd_nb: Add PCI ID for family 19h model 78h.
* x86/platform/uv: Add platform resolving #defines for misc GAM_MMIOH_REDIRECT*.
* x86/platform/uv: Fix printed information in calc_mmioh_map.
* x86/platform/uv: Helper functions for allocating and freeing conversion tables.
* x86/platform/uv: Introduce helper function uv_pnode_to_socket.
* x86/platform/uv: Remove remaining BUG_ON and BUG calls.
* x86/platform/uv: UV support for sub-NUMA clustering.
* x86/platform/uv: Update UV platform code for SNC.
* x86/platform/uv: When searching for minimums, start at INT_MAX not 99999.
* x86: Fix .brk attribute in linker script.
* xfs: clean up the rtbitmap fsmap backend.
* xfs: do not deplete the reserve pool when trying to shrink the fs.
* xfs: do not reverse order of items in bulk AIL insertion.
* xfs: fix getfsmap reporting past the last rt extent.
* xfs: fix integer overflows in the fsmap rtbitmap and logdev backends.
* xfs: fix interval filtering in multi-step fsmap queries.
* xfs: fix logdev fsmap query result filtering.
* xfs: fix off-by-one error when the last rt extent is in use.
* xfs: fix uninitialized variable access.
* xfs: make fsmap backend function key parameters const.
* xfs: make the record pointer passed to query_range functions const.
* xfs: pass explicit mount pointer to rtalloc query functions.

## Special Instructions and Notes:

* Please reboot the system after installing this update.

Platform:
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise Server 15 SP5
Product:
kernel
Reference:
SUSE-SU-2023:3172-1
CVE-2023-20593
CVE-2023-2985
CVE-2023-3117
CVE-2023-31248
CVE-2023-3390
CVE-2023-35001
CVE-2023-3812
CPE    1
cpe:/o:linux:linux_kernel

© SecPod Technologies