
SUSE-SU-2023:3681-1 -- SLES kernel

ID: oval:org.secpod.oval:def:89049388
Date: (C)2023-10-19   (M)2024-04-29
Class: PATCH
Family: unix




The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

* CVE-2022-36402: Fixed an integer overflow vulnerability in the vmwgfx driver that allowed a local attacker with a user account on the system to gain privilege, causing a denial of service.
* CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
* CVE-2023-3772: Fixed a flaw in the XFRM subsystem that may have allowed a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer, leading to a possible kernel crash and denial of service.
* CVE-2023-3812: Fixed an out-of-bounds memory access flaw in the TUN/TAP device driver functionality that could allow a local user to crash or potentially escalate their privileges on the system.
* CVE-2023-3863: Fixed a use-after-free flaw in nfc_llcp_find_local that allowed a local user with special privileges to impact a kernel information leak issue.
* CVE-2023-4128: Fixed a use-after-free flaw in net/sched/cls_fw.c that allowed a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
* CVE-2023-4132: Fixed a use-after-free vulnerability in the siano smsusb module that allowed a local user to crash the system, causing a denial of service condition.
* CVE-2023-4133: Fixed use-after-free bugs caused by a circular dependency problem in cxgb4.
* CVE-2023-4134: Fixed a use-after-free in cyttsp4_watchdog_work.
* CVE-2023-4194: Fixed a type confusion in net tun_chr_open.
* CVE-2023-4385: Fixed a NULL pointer dereference flaw in dbFree that may have allowed a local attacker to crash the system due to a missing sanity check.
* CVE-2023-4387: Fixed a use-after-free flaw in vmxnet3_rq_alloc_rx_buf that could allow a local attacker to crash the system due to a double-free.
* CVE-2023-4459: Fixed a NULL pointer dereference flaw in vmxnet3_rq_cleanup that may have allowed a local attacker with normal user privilege to cause a denial of service.
* CVE-2023-20588: Fixed a division-by-zero error on some AMD processors that can potentially return speculative data, resulting in loss of confidentiality.
* CVE-2023-34319: Fixed a buffer overrun triggered by an unusual packet in xen/netback.
* CVE-2023-40283: Fixed a use-after-free in l2cap_sock_ready_cb.

The following non-security bugs were fixed:

* ARM: spear: Do not use timer namespace for timer_shutdown function
* Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe
* Revert "scsi: qla2xxx: Fix buffer overrun"
* SUNRPC: always clear XPRT_SOCK_CONNECTING before xprt_clear_connecting on TCP xprt
* af_key: Fix send_acquire race with pfkey_register
* af_packet: fix data-race in packet_setsockopt / packet_setsockopt
* af_unix: Fix a data race of sk->sk_receive_queue->qlen
* arm64: Re-enable support for contiguous hugepages
* arm64: vdso: Fix clock_getres for CLOCK_REALTIME
* bnx2x: fix page fault following EEH recovery
* bonding: Fix a use-after-free problem when bond_sysfs_slave_add failed
* bpf, arm64: remove prefetch insn in xadd mapping
* bpf, arm64: use more scalable stadd over ldxr / stxr loop in xadd
* bridge: ebtables: do not crash when using dnat target in output chains
* btrfs-allow-use-of-global-block-reserve-for-balance-.patch
* btrfs-unset-reloc-control-if-transaction-commit-fail.patch
* clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown function
* clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown function
* fs/sysv: Null check to prevent null-ptr-deref bug
* fs: hfsplus: remove WARN_ON from hfsplus_cat_{read,write}_inode
* fs: lockd: avoid possible wrong NULL parameter
* inetpeer: fix data-race in inet_putpeer / inet_putpeer
* kabi/severities: Ignore newly added SRSO mitigation functions
* libceph: fix potential hang in ceph_osdc_notify
* module: avoid allocation if module is already present and ready
* module: extract patient module check into helper
* module: move check_modinfo early to early_mod_check
* module: move early sanity checks into a helper
* net-sysfs: Call dev_hold always in netdev_queue_add_kobject
* net-sysfs: Call dev_hold always in rx_queue_add_kobject
* net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject
* net-sysfs: fix netdev_queue_add_kobject breakage
* net/af_unix: fix a data-race in unix_dgram_poll
* net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
* net/fq_impl: Switch to kvmalloc for memory allocation
* net: bnx2x: fix variable dereferenced before check
* net: icmp: fix data-race in cmp_global_allow
* net: mana: add support for XDP_QUERY_PROG
* net: usb: qmi_wwan: add support for Compal RXM-G1
* netfilter: ipset: Fix an error code in ip_set_sockfn_get
* netfilter: nf_conntrack: Fix possible possible crash on module loading
* nfs/blocklayout: Use the passed in gfp flags
* nfs: Guard against READDIR loop when entry names exceed MAXNAMELEN
* nfsd: Remove incorrect check in nfsd4_validate_stateid
* nfsd: add encoding of op_recall flag for write delegation
* nfsd: da_addr_body field missing in some GETDEVICEINFO replies
* packet: fix data-race in fanout_flow_is_huge
* packet: unconditionally free po->rollover
* powerpc/mm/altmap: Fix altmap boundary check
* ring-buffer: Fix deadloop issue on reading trace_pipe
* ring-buffer: Fix wrong stat of cpu_buffer->read
* s390/cio: cio_ignore_proc_seq_next should increase position index
* s390/cpum_sf: Avoid SBD overflow condition in irq handler
* s390/cpum_sf: Check for SDBT and SDB consistency
* s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly
* s390/dasd: Fix capacity calculation for large volumes
* s390/dasd: fix hanging device after quiesce/resume
* s390/ftrace: fix endless recursion in function_graph tracer
* s390/jump_label: print real address in a case of a jump label bug
* s390/kasan: fix strncpy_from_user kasan checks
* s390/kdump: Fix memleak in nt_vmcoreinfo
* s390/pkey: add one more argument space for debug feature entry
* s390/qdio: add sanity checks to the fast-requeue path
* s390/smp: __smp_rescan_cpus - move cpumask away from stack
* s390/smp: fix physical to logical CPU map for SMT
* s390/time: ensure get_clock_monotonic returns monotonic values
* s390/uaccess: avoid compiler warnings
* s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
* s390/zcrypt: improve special ap message cmd handling
* s390: zcrypt: initialize variables before_use
* sched/core: Check quota and period overflow at usec to nsec conversion
* sched/core: Handle overflow in cpu_shares_write_u64
* sched/cpufreq: Fix kobject memleak
* sched/fair: Do not NUMA balance for kthreads
* sched/fair: Fix CFS bandwidth hrtimer expiry type
* sched/topology: Fix off by one bug
* scsi: qla2xxx: Add logs for SFP temperature monitoring
* scsi: qla2xxx: Allow 32-byte CDBs
* scsi: qla2xxx: Error code did not return to upper layer
* scsi: qla2xxx: Fix firmware resource tracking
* scsi: qla2xxx: Fix smatch warn for qla_init_iocb_limit
* scsi: qla2xxx: Flush mailbox commands on chip reset
* scsi: qla2xxx: Move resource to allow code reuse
* scsi: qla2xxx: Remove unsupported ql2xenabledif option
* scsi: qla2xxx: Remove unused declarations
* scsi: qla2xxx: Remove unused variables in qla24xx_build_scsi_type_6_iocbs
* scsi: qla2xxx: Update version to 10.02.09.100-k
* scsi: storvsc: Always set no_report_opcodes
* scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
* skbuff: fix a data race in skb_queue_len
* timers: Add shutdown mechanism to the internal functions
* timers: Provide timer_shutdown_sync
* timers: Rename del_timer to timer_delete
* timers: Rename del_timer_sync to timer_delete_sync
* timers: Replace BUG_ONs
* timers: Silently ignore timers with a NULL function
* timers: Split [try_to_]del_timer_sync to prepare for shutdown mode
* timers: Update kernel-doc for various functions
* timers: Use del_timer_sync even on UP
* tracing: Fix warning in trace_buffered_event_disable
* tun: fix bonding active backup with arp monitoring
* ubifs: fix snprintf checking
* udp6: Fix race condition in udp6_sendmsg connect
* udp: fix race between close and udp_abort
* usb-storage: alauda: Fix uninit-value in alauda_check_media
* usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info
* usb: serial: cp210x: add Kamstrup RF sniffer PIDs
* usb: serial: cp210x: add SCALANCE LPE-9000 device id
* usb: serial: option: add LARA-R6 01B PIDs
* usb: serial: option: add Quectel EC200A module support
* usb: serial: option: add Quectel EC200U modem
* usb: serial: option: add Quectel EM05CN modem
* usb: serial: option: add Quectel EM05CN modem
* usb: serial: option: add Quectel EM061KGL series
* usb: serial: option: add support for VW/Skoda "Carstick LTE"
* usb: serial: option: add u-blox LARA-L6 modem
* usb: serial: option: support Quectel EM060K_128
* usb: serial: simple: add Kaufmann RKS+CAN VCP
* usb: serial: simple: sort driver entries
* usb: xhci-mtk: set the dma max_seg_size
* usb: xhci: Check endpoint is valid before dereferencing it
* usb: zaurus: Add ID for A-300/B-500/C-700
* x86/CPU/AMD: Disable XSAVES on AMD family 0x17
* x86/bugs: Reset speculation control settings on init
* x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
* x86/cpu/kvm: Provide UNTRAIN_RET_VM
* x86/cpu/vmware: Fix platform detection VMWARE_PORT macro
* x86/cpu/vmware: Use the full form of INL in VMWARE_HYPERCALL, for clang/llvm
* x86/cpu/vmware: Use the full form of INL in VMWARE_PORT
* x86/cpu: Cleanup the untrain mess
* x86/cpu: Fix __x86_return_thunk symbol type
* x86/cpu: Fix amd_check_microcode declaration
* x86/cpu: Fix up srso_safe_ret and __x86_return_thunk
* x86/cpu: Rename original retbleed methods
* x86/cpu: Rename srso_ _alias to srso_alias_ \1
* x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
* x86/ioapic: Do not return 0 from arch_dynirq_lower_bound
* x86/microcode/AMD: Load late on both threads too
* x86/mm: Do not shuffle CPU entry areas without KASLR
* x86/mm: Fix use of uninitialized buffer in sme_enable
* x86/reboot: Disable SVM, not just VMX, when stopping CPUs
* x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
* x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT
* x86/retpoline: Do not clobber RFLAGS during srso_safe_ret
* x86/speculation: Add cpu_show_gds prototype
* x86/speculation: Mark all Skylake CPUs as vulnerable to GDS
* x86/srso: Correct the mitigation status when SMT is disabled
* x86/srso: Disable the mitigation on unaffected configurations
* x86/srso: Explain the untraining sequences a bit more
* x86/srso: Fix build breakage with the LLVM linker
* x86/virt: Force GIF=1 prior to disabling SVM
* x86/vmware: Add a header file for hypercall definitions
* x86/vmware: Add steal time clock support for VMware guests
* x86/vmware: Enable steal time accounting
* x86/vmware: Update platform detection code for VMCALL/VMMCALL hypercalls
* x86: Move gds_ucode_mitigated declaration to header
* xfrm: release device reference for invalid state
* xhci-pci: set the dma max_seg_size
* xhci: Remove device endpoints from bandwidth list when freeing the device

Special Instructions and Notes:

* Please reboot the system after installing this update.

Platform:
SUSE Linux Enterprise Server 12 SP5
Product:
kernel
Reference:
SUSE-SU-2023:3681-1
CVE-2022-36402
CVE-2023-2007
CVE-2023-20588
CVE-2023-34319
CVE-2023-3772
CVE-2023-3812
CVE-2023-3863
CVE-2023-40283
CVE-2023-4206
CVE-2023-4207
CVE-2023-4208
CVE-2023-4132
CVE-2023-4133
CVE-2023-4134
CVE-2023-4194
CVE-2023-4385
CVE-2023-4387
CVE-2023-4459
CVE: 18

© SecPod Technologies