
SUSE-SU-2024:0156-1 -- SLES kernel, reiserfs-kmp-default

ID: oval:org.secpod.oval:def:89051391
Date: (C)2024-01-23   (M)2024-04-29
Class: PATCH
Family: unix




The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic on the socket that the SKB is queued on.
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information.
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg.
* CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks.
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server.
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation.
* CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event.
* CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement.
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.
* CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem.

The following non-security bugs were fixed:

* Reviewed and added more information to README.SUSE.
* Enabled multibuild for kernel packages.
* Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
* KVM: s390/mm: Properly reset no-dat.
* KVM: s390: vsie: fix wrong VIR 37 when MSO is used.
* KVM: x86: Mask LVTPC when handling a PMI.
* NFS: Fix O_DIRECT locking issues.
* NFS: Fix a few more clear_bit instances that need release semantics.
* NFS: Fix a potential data corruption.
* NFS: Fix a use after free in nfs_direct_join_group.
* NFS: Fix error handling for O_DIRECT write scheduling.
* NFS: More O_DIRECT accounting fixes for error paths.
* NFS: More fixes for nfs_direct_write_reschedule_io.
* NFS: Use the correct commit info in nfs_join_page_group.
* NLM: Defend against file_lock changes after vfs_test_lock.
* Updated SPI patches for NVIDIA Grace enablement
* block: fix revalidate performance regression.
* bpf: Adjust insufficient default bpf_jit_limit.
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size.
* ceph: fix type promotion bug on 32bit systems.
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW.
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested.
* clocksource: Handle negative skews in "skew is too large" messages.
* clocksource: Improve "skew is too large" messages.
* clocksource: Improve read-back-delay message.
* clocksource: Loosen clocksource watchdog constraints.
* clocksource: Print clocksource name when clocksource is tested unstable.
* clocksource: Verify HPET and PMTMR when TSC unverified.
* dm_blk_ioctl: implement path failover for SG_IO.
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free.
* libceph: use kernel_connect.
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors.
* net/smc: Fix pos miscalculation in statistics.
* net/tg3: fix race condition in tg3_reset_task.
* nfs: only issue commit in DIO codepath if we have uncommitted data.
* remove unnecessary WARN_ON_ONCE.
* s390/vx: fix save/restore of fpu kernel context.
* scsi: lpfc: use unsigned type for num_sge.
* swiotlb: fix a braino in the alignment check fix.
* swiotlb: fix slot alignment checks.
* tracing: Disable preemption when using the filter buffer.
* tracing: Fix a possible race when disabling buffered events.
* tracing: Fix a warning when allocating buffered events fails.
* tracing: Fix incomplete locking when disabling buffered events.
* tracing: Fix warning in trace_buffered_event_disable.
* tracing: Use __this_cpu_read in trace_event_buffer_lock_reserver.
* uapi: propagate __struct_group attributes to the container union.
* vsprintf/kallsyms: Prevent invalid data when printing symbol.
* x86/entry/ia32: Ensure s32 is sign extended to s64.
* x86/platform/uv: Use alternate source for socket to node data.
* x86/tsc: Add option to force frequency recalibration with HW timer.
* x86/tsc: Be consistent about use_tsc_delay.
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform.

## Special Instructions and Notes:

* Please reboot the system after installing this update.

Platform:
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Server 15 SP4
Product:
kernel
reiserfs-kmp-default
Reference:
SUSE-SU-2024:0156-1
CVE-2020-26555
CVE-2023-51779
CVE-2023-6121
CVE-2023-6531
CVE-2023-6546
CVE-2023-6606
CVE-2023-6610
CVE-2023-6622
CVE-2023-6931
CVE-2023-6932
CPE    4
cpe:/a:kmp:reiserfs_kmp_default
cpe:/o:linux:linux_kernel
cpe:/o:suse:suse_linux_enterprise_server:15:sp4
cpe:/o:suse:suse_linux_enterprise_desktop:15:sp4
...

© SecPod Technologies