The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg . * CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition . * CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment . * CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end . * CVE-2023-47233: Fixed a use-after-free in the device unplugging code inside the brcm80211 component . * CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c . * CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure . * CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family values within `nf_tables_newtable` function . * CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition . * CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information . * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request . * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete . * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec . * CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c . The following non-security bugs were fixed: * 9p: missing chunk of "fs/9p: Do not update file type when updating file attributes" . * ACPICA: Avoid cache flush inside virtual machines . * GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads . * KVM: s390: vsie: Fix STFLE interpretive execution identification . * UAPI: ndctl: Fix g++-unsupported initialisation in headers . * USB: serial: option: add Fibocom to DELL custom modem FM101R-GL . * USB: serial: option: add Telit LE910C4-WWX 0x1035 composition . * USB: serial: option: add entry for Sierra EM9191 with new firmware . * USB: serial: option: fix FM101R-GL defines . * acpi/nfit: Require opt-in for read-only label configurations . * acpi/nfit: improve bounds checking for "func" . * affs: fix basic permission bits to actually work . * aio: fix mremap after fork null-deref . * asix: Add check for usbnet_get_endpoints . * bnxt_en: Log unknown link speed appropriately . * build: Limit kernel-source build to architectures for which the kernel binary is built . * ceph: fix incorrect revoked caps assert in ceph_fill_file_size . * chardev: fix error handling in cdev_device_add . * configfs: fix a deadlock in configfs_symlink . * configfs: fix a race in configfs_{,un}register_subsystem . * configfs: fix a use-after-free in __configfs_open_file . * configfs: fix config_item refcnt leak in configfs_rmdir . * configfs: fix memleak in configfs_release_bin_file . * configfs: new object reprsenting tree fragments . * configfs: provide exclusion between IO and removals . * configfs: stash the data we need into configfs_buffer at open time . * docs: Store the old kernel changelog entries in kernel-docs package . * ext4: Avoid freeing inodes on dirty list . * ext4: silence the warning when evicting inode with dioread_nolock . * fat: add ratelimit to fat*_ent_bread . * fs/exofs: fix potential memory leak in mount option parsing . * fs/fat/fatent.c: add cond_resched to fat_count_free_clusters . * fs/fat/file.c: issue flush after the writeback of FAT . * fs/file.c: initialize init_files.resize_wait . * fs: do not audit the capability check in simple_xattr_list . * fs: ocfs2: namei: check return value of ocfs2_add_entry . * fs: orangefs: fix error return code of orangefs_revalidate_lookup . * fs: ratelimit __find_get_block_slow failure message . * fs: warn about impending deprecation of mandatory locks . * gfs2: Allow lock_nolock mount to specify jid=X . * gfs2: Check sb_bsize_shift after reading superblock . * gfs2: Do not call dlm after protocol is unmounted . * gfs2: Do not set GFS2_RDF_UPTODATE when the lvb is updated . * gfs2: Do not skip dlm unlock if glock had an lvb . * gfs2: Fix inode height consistency check . * gfs2: Fix lru_count going negative . * gfs2: Fix marking bitmaps non-full . * gfs2: Fix possible data races in gfs2_show_options . * gfs2: Fix sign extension bug in gfs2_update_stats . * gfs2: Fix use-after-free in gfs2_glock_shrink_scan . * gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free . * gfs2: Make sure FITRIM minlen is rounded up to fs block size . * gfs2: Special-case rindex for gfs2_grow . * gfs2: Wake up when sd_glock_disposal becomes zero . * gfs2: add validation checks for size of superblock . * gfs2: assign rgrp glock before compute_bitstructs . * gfs2: check for empty rgrp tree in gfs2_ri_update . * gfs2: check for live vs. read-only file system in gfs2_fitrim . * gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps . * gfs2: fix use-after-free on transaction ail lists . * gfs2: ignore negated quota changes . * gfs2: initialize transaction tr_ailX_lists earlier . * gfs2: report "already frozen/thawed" errors . * gfs2: take jdata unstuff into account in do_grow . * gfs2_atomic_open: fix O_EXCL|O_CREAT handling on cold dcache . * gtp: change NET_UDP_TUNNEL dependency to select . * help_next should increase position index . * iomap: sub-block dio needs to zeroout beyond EOF . * kernfs: Separate kernfs_pr_cont_buf and rename_lock . * kernfs: bring names in comments in line with code . * kernfs: fix use-after-free in __kernfs_remove . * libceph: use kernel_connect . * libnvdimm/btt: Fix LBA masking during "free list" population . * libnvdimm/btt: Fix a kmemdup failure check . * libnvdimm/btt: Remove unnecessary code in btt_freelist_init . * libnvdimm/btt: fix variable "rc" set but not used . * libnvdimm/namespace: Fix a potential NULL pointer dereference . * libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value . * libnvdimm/pmem: Delete include of nd-core.h . * libnvdimm/pmem: fix a possible OOB access when read and write pmem . * libnvdimm/region: Fix label activation vs errors . * libnvdimm: Fix compilation warnings with W=1 . * libnvdimm: Out of bounds read in __nd_ioctl . * libnvdimm: Validate command family indices . * libnvdimm: cover up changes in struct nvdimm_bus_descriptor . * locks: print a warning when mount fails due to lack of "mand" support . * mce: fix set_mce_nospec to always unmap the whole page . * mlx4: handle non-napi callers to napi_poll . * mlxsw: spectrum: Avoid -Wformat-truncation warnings . * mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG . * mlxsw: spectrum: Set LAG port collector only when active . * mm,mremap: bail out earlier in mremap_to under map pressure . * net/mlx5: Do not call timecounter cyc2time directly from 1PPS flow . * net: fix a missing check of clk_prepare . * net: dsa: bcm_sf2: Propagate error value from mdio_write . * net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 . * net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 . * net: dsa: qca8k: Enable delay for RGMII_ID mode . * net: ethernet: ti: fix possible object reference leak . * net: fec: Do not use netdev messages too early . * net: ks8851: Delay requesting IRQ until opened . * net: ks8851: Reassert reset pin if chip ID check fails . * net: ks8851: Set initial carrier state to down . * net: macb: Add null check for PCLK and HCLK . * net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe . * net: mvneta: fix double free of txq- greater thanbuf . * net: phy: sfp: warn the user when no tx_disable pin is available . * net: phylink: avoid resolving link state too early . * net: sfp: do not probe SFP module before we"re attached . * net: stmmac: Disable EEE mode earlier in XMIT callback . * net: stmmac: Fallback to Platform Data clock in Watchdog conversion . * net: stmmac: do not overwrite discard_frame status . * net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup . * net: stmmac: dwmac1000: Clear unused address entries . * net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting . * net: stmmac: dwmac4/5: Clear unused address entries . * net: systemport: Fix reception of BPDUs . * net: xilinx: fix possible object reference leak . * nfs: NFS 4.0 LOCK calls getting constant NFS4ERR_BAD_SEQID . * nfsd: drop st_mutex and rp_mutex before calling move_to_close_lru . * nvdimm/btt: do not call del_gendisk if not needed . * nvdimm: Allow overwrite in the presence of disabled dimms . * nvdimm: Fix badblocks clear off-by-one error . * nvmet-tcp: fix a crash in nvmet_req_complete . * orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string . * orangefs: Fix sysfs not cleanup when dev init failed . * orangefs: fix orangefs df output . * orangefs: rate limit the client not running info message . * powerpc/powernv: Add a null pointer check in opal_event_init . * powerpc/powernv: Add a null pointer check in opal_powercap_init . * powerpc/pseries/memhotplug: Quieten some DLPAR operations . * powerpc/pseries/memhp: Fix access beyond end of drmem array . * powerpc: Do not clobber f0/vs0 during fp|altivec register save . * preserve KABI for struct plat_stmmacenet_data . * preserve KABI for struct sfp_socket_ops . * proc: fix /proc/*/map_files lookup . * pstore/ram: Check start of empty przs during init . * pstore/ram: Fix error return code in ramoops_probe . * pstore/ram: Run without kernel crash dump region . * pstore: Avoid kcore oops by vmaping with VM_IOREMAP . * pstore: ram_core: fix possible overflow in persistent_ram_init_ecc . * r8169: fix data corruption issue on RTL8402 . * reiserfs: Check the return value from __getblk . * reiserfs: Replace 1-element array with C99 style flex-array . * s390/dasd: fix double module refcount decrement . * scripts/git_sort/git_sort.py: Add "perf-tools" branch * scsi: qla0xxx: Fix system crash due to bad pointer access . * sfc: initialise found bitmap in efx_ef10_mtd_probe . * statfs: enforce statfs[64] structure initialization . * tracing/trigger: Fix to return error if failed to alloc snapshot . * usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer . * veth: Fixing transmit return status for dropped packets . * vfs: make freeze_super abort when sync_filesystem returns error . * writeback: Export inode_io_list_del . * x86/CPU/AMD: Check vendor in the AMD microcode callback . * x86/alternatives: Sync core before enabling interrupts . * x86/asm: Ensure asm/proto.h can be included stand-alone . * x86/bugs: Add "unknown" reporting for MMIO Stale Data . * x86/build: Treat R_386_PLT32 relocation as R_386_PC32 . * x86/build: Turn off -fcf-protection for realmode targets . * x86/cpu/hygon: Fix the CPU topology evaluation for real . * x86/cpu: Add another Alder Lake CPU to the Intel family . * x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN . * x86/kvm/lapic: always disable MMIO interface in x2APIC mode . * x86/kvm: Do not try to disable kvmclock if it was not enabled . * x86/lib: Fix overflow when counting digits . * x86/mce: relocate set{clear}_mce_nospec functions . * x86/microcode/AMD: Track patch allocation size explicitly . * x86/microcode/intel: Do not retry microcode reloading on the APs . * x86/mm: Add a x86_has_pat_wp helper . * x86/pat: Fix x86_has_pat_wp . * x86/pat: Pass valid address to sanitize_phys . * x86/pm: Add enumeration check before spec MSRs save/restore setup . * x86/pm: Fix false positive kmemleak report in msr_build_context . * x86/purgatory: Do not generate debug info for purgatory.ro . * x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register . * x86/topology: Fix duplicated core ID within a package . * x86/topology: Fix multiple packages shown on a single-package system . * x86/unwind/orc: Fix unreliable stack dump with gcov . * x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry . * x86: Clear .brk area at early boot . * x86: Fix __get_wchan for !STACKTRACE . * x86: Fix get_wchan to support the ORC unwinder . * x86: Mark stop_this_cpu __noreturn . * x86: Pin task-stack in __get_wchan . * x86: **always_inline** {rd,wr}msr . ## Special Instructions and Notes: * Please reboot the system after installing this update.