Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:2803-1
Rating:	important
References:	bsc#1187829 bsc#1194869 bsc#1210335 bsc#1212051 bsc#1212265 bsc#1212603 bsc#1212605 bsc#1212606 bsc#1212619 bsc#1212701 bsc#1212741 bsc#1212835 bsc#1212838 bsc#1212842 bsc#1212861 bsc#1212869 bsc#1212892 jsc#SLE-19253
Cross-References:	CVE-2023-1829 CVE-2023-3090 CVE-2023-3111 CVE-2023-3212 CVE-2023-3357 CVE-2023-3358 CVE-2023-3389
CVSS scores:	CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3111 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-3111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3212 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3212 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2023-3357 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3358 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3358 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-3389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	openSUSE Leap 15.4 openSUSE Leap Micro 5.3 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Live Patching 15-SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Real Time 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Real Time Module 15-SP4

An update that solves seven vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
• CVE-2023-3389: Fixed a use-after-free vulnerability in the io_uring subsystem (bsc#1212838).
• CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
• CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051).
• CVE-2023-3212: Fixed a NULL pointer dereference flaw in the gfs2 file system (bsc#1212265).
• CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606).
• CVE-2023-3357: Fixed a NULL pointer dereference flaw in the AMD Sensor Fusion Hub driver (bsc#1212605).

The following non-security bugs were fixed:

• Get module prefix from kmod (bsc#1212835).
• Revert "mtd: rawnand: arasan: Prevent an unsupported configuration" (git-fixes).
• Revert "net: phy: dp83867: perform soft reset and retain established link" (git-fixes).
• alsa: ac97: Fix possible NULL dereference in snd_ac97_mixer (git-fixes).
• alsa: hda/realtek: Add "Intel Reference board" and "NUC 13" SSID in the ALC256 (git-fixes).
• alsa: hda/realtek: Add quirk for ASUS ROG G634Z (git-fixes).
• alsa: hda/realtek: Add quirk for ASUS ROG GV601V (git-fixes).
• alsa: hda/realtek: Add quirks for ASUS GU604V and GU603V (git-fixes).
• alsa: hda/realtek: Add quirks for ROG ALLY CS35l41 audio (git-fixes).
• alsa: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook (git-fixes).
• amdgpu: validate offset_in_bo of drm_amdgpu_gem_va (git-fixes).
• arm64: Add missing Set/Way CMO encodings (git-fixes).
• arm64: dts: Move BCM4908 dts to bcmbca folder (git-fixes)
• arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name (git-fixes)
• arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename (git-fixes)
• arm64: dts: imx8mn-var-som: fix PHY detection bug by adding deassert (git-fixes)
• arm: dts: Fix erroneous ADS touchscreen polarities (git-fixes).
• asoc: es8316: Do not set rate constraints for unsupported MCLKs (git-fixes).
• asoc: es8316: Increment max value for ALC Capture Target Volume control (git-fixes).
• asoc: imx-audmix: check return value of devm_kasprintf() (git-fixes).
• asoc: mediatek: mt8173: Fix irq error path (git-fixes).
• asoc: nau8824: Add quirk to active-high jack-detect (git-fixes).
• asoc: simple-card: Add missing of_node_put() in case of error (git-fixes).
• bus: fsl-mc: fsl-mc-allocator: Drop a write-only variable (git-fixes).
• bus: ti-sysc: Fix dispc quirk masking bool variables (git-fixes).
• can: isotp: isotp_sendmsg(): fix return error fix on TX path (git-fixes).
• can: kvaser_pciefd: Remove handler for unused KVASER_PCIEFD_PACK_TYPE_EFRAME_ACK (git-fixes).
• can: kvaser_pciefd: Remove useless write to interrupt register (git-fixes).
• can: length: fix bitstuffing count (git-fixes).
• can: length: fix description of the RRS field (git-fixes).
• can: length: make header self contained (git-fixes).
• clk: Fix memory leak in devm_clk_notifier_register() (git-fixes).
• clk: cdce925: check return value of kasprintf() (git-fixes).
• clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe (git-fixes).
• clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() (git-fixes).
• clk: imx: scu: use _safe list iterator to avoid a use after free (git-fixes).
• clk: keystone: sci-clk: check return value of kasprintf() (git-fixes).
• clk: samsung: Add Exynos4212 compatible to CLKOUT driver (git-fixes).
• clk: si5341: check return value of {devm_}kasprintf() (git-fixes).
• clk: si5341: free unused memory on probe failure (git-fixes).
• clk: si5341: return error if one synth clock registration fails (git-fixes).
• clk: tegra: tegra124-emc: Fix potential memory leak (git-fixes).
• clk: ti: clkctrl: check return value of kasprintf() (git-fixes).
• clk: vc5: check memory returned by kasprintf() (git-fixes).
• clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe (git-fixes).
• crypto: marvell/cesa - Fix type mismatch warning (git-fixes).
• crypto: nx - fix build warnings when DEBUG_FS is not enabled (git-fixes).
• drivers: meson: secure-pwrc: always enable DMA domain (git-fixes).
• drm/amd/display: Add logging for display MALL refresh setting (git-fixes).
• drm/amd/display: Add minimal pipe split transition state (git-fixes).
• drm/amd/display: Add wrapper to call planes and stream update (git-fixes).
• drm/amd/display: Explicitly specify update type per plane info change (git-fixes).
• drm/amd/display: Fix artifacting on eDP panels when engaging freesync video mode (git-fixes).
• drm/amd/display: Use dc_update_planes_and_stream (git-fixes).
• drm/amd/display: drop redundant memset() in get_available_dsc_slices() (git-fixes).
• drm/amd/display: fix the system hang while disable PSR (git-fixes).
• drm/amdkfd: Fix potential deallocation of previously deallocated memory (git-fixes).
• drm/bridge: tc358768: always enable HS video mode (git-fixes).
• drm/bridge: tc358768: fix PLL parameters computation (git-fixes).
• drm/bridge: tc358768: fix PLL target frequency (git-fixes).
• drm/bridge: tc358768: fix TCLK_ZEROCNT computation (git-fixes).
• drm/bridge: tc358768: fix TXTAGOCNT computation (git-fixes).
• drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl (git-fixes).
• drm/exynos: vidi: fix a wrong error return (git-fixes).
• drm/i915/gvt: remove unused variable gma_bottom in command parser (git-fixes).
• drm/msm/adreno: fix sparse warnings in a6xx code (git-fixes).
• drm/msm/dp: Free resources after unregistering them (git-fixes).
• drm/msm/dpu: correct MERGE_3D length (git-fixes).
• drm/msm/dpu: do not enable color-management if DSPPs are not available (git-fixes).
• drm/msm/dsi: do not allow enabling 14nm VCO with unprogrammed rate (git-fixes).
• drm/panel: sharp-ls043t1le01: adjust mode settings (git-fixes).
• drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H (git-fixes).
• drm/radeon: fix possible division-by-zero errors (git-fixes).
• drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl (git-fixes).
• drm/rockchip: vop: Leave vblank enabled in self-refresh (git-fixes).
• drm/vram-helper: fix function names in vram helper doc (git-fixes).
• drm: sun4i_tcon: use devm_clk_get_enabled in sun4i_tcon_init_clocks (git-fixes).
• elf: correct note name comment (git-fixes).
• extcon: Fix kernel doc of property capability fields to avoid warnings (git-fixes).
• extcon: Fix kernel doc of property fields to avoid warnings (git-fixes).
• extcon: usbc-tusb320: Add USB TYPE-C support (git-fixes).
• extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered (git-fixes).
• extcon: usbc-tusb320: Unregister typec port on driver removal (git-fixes).
• extcon: usbc-tusb320: Update state on probe even if no IRQ pending (git-fixes).
• fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() (git-fixes).
• firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() (git-fixes).
• hid: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651 (git-fixes).
• hid: wacom: Add error check to wacom_parse_and_register() (git-fixes).
• hwmon: (gsc-hwmon) fix fan pwm temperature scaling (git-fixes).
• hwrng: imx-rngc - fix the timeout for init and self check (git-fixes).
• hwrng: st - keep clock enabled while hwrng is registered (git-fixes).
• i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle (git-fixes).
• i2c: qup: Add missing unwind goto in qup_i2c_probe() (git-fixes).
• ib/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate (git-fixes)
• ib/isert: Fix dead lock in ib_isert (git-fixes)
• ib/isert: Fix incorrect release of isert connection (git-fixes)
• ib/isert: Fix possible list corruption in CMA handler (git-fixes)
• ib/uverbs: Fix to consider event queue closing also upon non-blocking mode (git-fixes)
• ibmvnic: Do not reset dql stats on NON_FATAL err (bsc#1212603 ltc#202604).
• ice, xsk: Diversify return values from xsk_wakeup call paths (git-fixes).
• ice: Do not double unplug aux on peer initiated reset (git-fixes).
• ice: Do not use WQ_MEM_RECLAIM flag for workqueue (git-fixes).
• ice: Fix DSCP PFC TLV creation (git-fixes).
• ice: Fix XDP memory leak when NIC is brought up and down (git-fixes).
• ice: Fix ice_xdp_xmit() when XDP TX queue number is not sufficient (git-fixes).
• ice: Fix memory corruption in VF driver (git-fixes).
• ice: Ignore EEXIST when setting promisc mode (git-fixes).
• ice: Prevent set_channel from changing queues while RDMA active (git-fixes).
• ice: Reset FDIR counter in FDIR init stage (git-fixes).
• ice: add profile conflict check for AVF FDIR (git-fixes).
• ice: block LAN in case of VF to VF offload (git-fixes).
• ice: config netdev tc before setting queues number (git-fixes).
• ice: copy last block omitted in ice_get_module_eeprom() (git-fixes).
• ice: ethtool: Prohibit improper channel config for DCB (git-fixes).
• ice: ethtool: advertise 1000M speeds properly (git-fixes).
• ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg() (git-fixes).
• ice: fix wrong fallback logic for FDIR (git-fixes).
• ice: handle E822 generic device ID in PLDM header (git-fixes).
• ice: switch: fix potential memleak in ice_add_adv_recipe() (git-fixes).
• ice: use bitmap_free instead of devm_kfree (git-fixes).
• ice: xsk: use Rx ring's XDP ring when picking NAPI context (git-fixes).
• ieee802154: hwsim: Fix possible memory leaks (git-fixes).
• ifcvf/vDPA: fix misuse virtio-net device config size for blk dev (jsc#SLE-19253).
• iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF (git-fixes).
• iio: accel: fxls8962af: fixup buffer scan element type (git-fixes).
• iio: adc: ad7192: Fix internal/external clock selection (git-fixes).
• iio: adc: ad7192: Fix null ad7192_state pointer access (git-fixes).
• input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
• input: drv260x - fix typo in register value define (git-fixes).
• input: drv260x - remove unused .reg_defaults (git-fixes).
• input: drv260x - sleep between polling GO bit (git-fixes).
• input: soc_button_array - add invalid acpi_index DMI quirk handling (git-fixes).
• integrity: Fix possible multiple allocation in integrity_inode_get() (git-fixes).
• irqchip/clps711x: Remove unused clps711x_intc_init() function (git-fixes).
• irqchip/ftintc010: Mark all function static (git-fixes).
• irqchip/jcore-aic: Fix missing allocation of IRQ descriptors (git-fixes).
• kernel-docs: Use python3 together with python3-Sphinx (bsc#1212741).
• mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 (git-fixes).
• media: cec: core: do not set last_initiator if tx in progress (git-fixes).
• memory: brcmstb_dpfe: fix testing array offset after use (git-fixes).
• meson saradc: fix clock divider mask length (git-fixes).
• mfd: intel-lpss: Add missing check for platform_get_resource (git-fixes).
• mfd: pm8008: Fix module autoloading (git-fixes).
• mfd: rt5033: Drop rt5033-battery sub-device (git-fixes).
• mfd: stmfx: Fix error path in stmfx_chip_init (git-fixes).
• mfd: stmfx: Nullify stmfx->vdd in case of error (git-fixes).
• mfd: stmpe: Only disable the regulators if they are enabled (git-fixes).
• misc: fastrpc: Create fastrpc scalar with correct buffer count (git-fixes).
• misc: pci_endpoint_test: Free IRQs before removing the device (git-fixes).
• misc: pci_endpoint_test: Re-init completion for every test (git-fixes).
• mlx5: do not use RT_TOS for IPv6 flowlabel (jsc#SLE-19253).
• mmc: bcm2835: fix deferred probing (git-fixes).
• mmc: meson-gx: remove redundant mmc_request_done() call from irq context (git-fixes).
• mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS (git-fixes).
• mmc: mmci: stm32: fix max busy timeout calculation (git-fixes).
• mmc: mtk-sd: fix deferred probing (git-fixes).
• mmc: mvsdio: fix deferred probing (git-fixes).
• mmc: omap: fix deferred probing (git-fixes).
• mmc: omap_hsmmc: fix deferred probing (git-fixes).
• mmc: owl: fix deferred probing (git-fixes).
• mmc: sdhci-acpi: fix deferred probing (git-fixes).
• mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 (git-fixes).
• mmc: sdhci-spear: fix deferred probing (git-fixes).
• mmc: sh_mmcif: fix deferred probing (git-fixes).
• mmc: sunxi: fix deferred probing (git-fixes).
• mmc: usdhi60rol0: fix deferred probing (git-fixes).
• mtd: rawnand: meson: fix unaligned DMA buffers handling (git-fixes).
• net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path (jsc#SLE-19253).
• net/mlx5: Allow async trigger completion execution on single CPU systems (jsc#SLE-19253).
• net/mlx5: Allow future addition of IPsec object modifiers (jsc#SLE-19253).
• net/mlx5: Avoid false positive lockdep warning by adding lock_class_key (jsc#SLE-19253).
• net/mlx5: Avoid recovery in probe flows (jsc#SLE-19253).
• net/mlx5: Bridge, fix ageing of peer FDB entries (jsc#SLE-19253).
• net/mlx5: Bridge, verify LAG state when adding bond to bridge (jsc#SLE-19253).
• net/mlx5: DR, Check force-loopback RC QP capability independently from RoCE (jsc#SLE-19253).
• net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs (jsc#SLE-19253).
• net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table (jsc#SLE-19253).
• net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device (jsc#SLE-19253).
• net/mlx5: Do not advertise IPsec netdev support for non-IPsec device (jsc#SLE-19253).
• net/mlx5: Do not use already freed action pointer (jsc#SLE-19253).
• net/mlx5: E-Switch, Fix an Oops in error handling code (jsc#SLE-19253).
• net/mlx5: E-Switch, properly handle ingress tagged packets on VST (jsc#SLE-19253).
• net/mlx5: E-switch, Create per vport table based on devlink encap mode (jsc#SLE-19253).
• net/mlx5: E-switch, Do not destroy indirect table in split rule (jsc#SLE-19253).
• net/mlx5: E-switch, Fix missing set of split_count when forward to ovs internal port (jsc#SLE-19253).
• net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT (jsc#SLE-19253).
• net/mlx5: Enhance debug print in page allocation failure (jsc#SLE-19253).
• net/mlx5: Fix FW tracer timestamp calculation (jsc#SLE-19253).
• net/mlx5: Fix RoCE setting at HCA level (jsc#SLE-19253).
• net/mlx5: Fix crash during sync firmware reset (jsc#SLE-19253).
• net/mlx5: Fix error message when failing to allocate device memory (jsc#SLE-19253).
• net/mlx5: Fix handling of entry refcount when command is not issued to FW (jsc#SLE-19253).
• net/mlx5: Fix possible use-after-free in async command interface (jsc#SLE-19253).
• net/mlx5: Fix ptp max frequency adjustment range (jsc#SLE-19253).
• net/mlx5: Fix steering rules cleanup (jsc#SLE-19253).
• net/mlx5: Fix uninitialized variable bug in outlen_write() (jsc#SLE-19253).
• net/mlx5: Geneve, Fix handling of Geneve object id as error code (jsc#SLE-19253).
• net/mlx5: Initialize flow steering during driver probe (jsc#SLE-19253).
• net/mlx5: Read embedded cpu after init bit cleared (jsc#SLE-19253).
• net/mlx5: Read the TC mapping of all priorities on ETS query (jsc#SLE-19253).
• net/mlx5: Rearm the FW tracer after each tracer event (jsc#SLE-19253).
• net/mlx5: SF, Drain health before removing device (jsc#SLE-19253).
• net/mlx5: SF: Fix probing active SFs during driver probe phase (jsc#SLE-19253).
• net/mlx5: Serialize module cleanup with reload and remove (jsc#SLE-19253).
• net/mlx5: Wait for firmware to enable CRS before pci_restore_state (jsc#SLE-19253).
• net/mlx5: add IFC bits for bypassing port select flow table (git-fixes)
• net/mlx5: check attr pointer validity before dereferencing it (jsc#SLE-19253).
• net/mlx5: correct ECE offset in query qp output (jsc#SLE-19253).
• net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work() (jsc#SLE-19253).
• net/mlx5: fs, fail conflicting actions (jsc#SLE-19253).
• net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers (jsc#SLE-19253).
• net/mlx5: fw_tracer, Fix event handling (jsc#SLE-19253).
• net/mlx5: fw_tracer, Zero consumer index when reloading the tracer (jsc#SLE-19253).
• net/mlx5e: Always clear dest encap in neigh-update-del (jsc#SLE-19253).
• net/mlx5e: Avoid false lock dependency warning on tc_ht even more (jsc#SLE-19253).
• net/mlx5e: Block entering switchdev mode with ns inconsistency (jsc#SLE-19253).
• net/mlx5e: Do not attach netdev profile while handling internal error (jsc#SLE-19253).
• net/mlx5e: Do not increment ESN when updating IPsec ESN state (jsc#SLE-19253).
• net/mlx5e: Do not support encap rules with gbp option (jsc#SLE-19253).
• net/mlx5e: E-Switch, Fix comparing termination table instance (jsc#SLE-19253).
• net/mlx5e: Extend SKB room check to include PTP-SQ (jsc#SLE-19253).
• net/mlx5e: Fix MPLSoUDP encap to use MPLS action information (jsc#SLE-19253).
• net/mlx5e: Fix SQ wake logic in ptp napi_poll context (jsc#SLE-19253).
• net/mlx5e: Fix capability check for updating vnic env counters (jsc#SLE-19253).
• net/mlx5e: Fix error handling in mlx5e_refresh_tirs (jsc#SLE-19253).
• net/mlx5e: Fix hw mtu initializing at XDP SQ allocation (jsc#SLE-19253).
• net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS (jsc#SLE-19253).
• net/mlx5e: Fix use-after-free when reverting termination table (jsc#SLE-19253).
• net/mlx5e: Fix wrong application of the LRO state (jsc#SLE-19253).
• net/mlx5e: Fix wrong tc flag used when set hw-tc-offload off (jsc#SLE-19253).
• net/mlx5e: IPoIB, Do not allow CQE compression to be turned on by default (jsc#SLE-19253).
• net/mlx5e: IPoIB, Show unknown speed instead of error (jsc#SLE-19253).
• net/mlx5e: Modify slow path rules to go to slow fdb (jsc#SLE-19253).
• net/mlx5e: QoS, Fix wrongfully setting parent_element_id on MODIFY_SCHEDULING_ELEMENT (jsc#SLE-19253).
• net/mlx5e: Set uplink rep as NETNS_LOCAL (jsc#SLE-19253).
• net/mlx5e: TC, Fix ct_clear overwriting ct action metadata (jsc#SLE-19253).
• net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change (jsc#SLE-19253).
• net/mlx5e: Verify flow_source cap before using it (jsc#SLE-19253).
• net/mlx5e: do as little as possible in napi poll when budget is 0 (jsc#SLE-19253).
• net/mlx5e: kTLS, Fix build time constant test in RX (jsc#SLE-19253).
• net/mlx5e: kTLS, Fix build time constant test in TX (jsc#SLE-19253).
• net: mlx5: eliminate anonymous module_init & module_exit (jsc#SLE-19253).
• nfcsim.c: Fix error checking for debugfs_create_dir (git-fixes).
• nilfs2: fix buffer corruption due to concurrent device reads (git-fixes).
• nvme-core: fix dev_pm_qos memleak (git-fixes).
• nvme-core: fix memory leak in dhchap_ctrl_secret (git-fixes).
• nvme-core: fix memory leak in dhchap_secret_store (git-fixes).
• nvme-pci: add quirk for missing secondary temperature thresholds (git-fixes).
• nvme: double KA polling frequency to avoid KATO with TBKAS on (git-fixes).
• ocfs2: fix defrag path triggering jbd2 ASSERT (git-fixes).
• ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown (git-fixes).
• ocfs2: fix non-auto defrag path not working issue (git-fixes).
• pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
• pci: Add pci_clear_master() stub for non-CONFIG_PCI (git-fixes).
• pci: Release resource invalidated by coalescing (git-fixes).
• pci: cadence: Fix Gen2 Link Retraining process (git-fixes).
• pci: endpoint: Add missing documentation about the MSI/MSI-X range (git-fixes).
• pci: ftpci100: Release the clock resources (git-fixes).
• pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
• pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
• pci: rockchip: Add poll and timeout to wait for PHY PLLs to be locked (git-fixes).
• pci: rockchip: Assert PCI Configuration Enable bit after probe (git-fixes).
• pci: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core (git-fixes).
• pci: rockchip: Set address alignment for endpoint mode (git-fixes).
• pci: rockchip: Use u32 variable to access 32-bit registers (git-fixes).
• pci: rockchip: Write PCI Device ID to correct register (git-fixes).
• pci: vmd: Reset VMD config register between soft reboots (git-fixes).
• pinctrl: at91-pio4: check return value of devm_kasprintf() (git-fixes).
• pinctrl: cherryview: Return correct value if pin in push-pull mode (git-fixes).
• pinctrl: microchip-sgpio: check return value of devm_kasprintf() (git-fixes).
• platform/x86: think-lmi: Correct NVME password handling (git-fixes).
• platform/x86: think-lmi: Correct System password interface (git-fixes).
• platform/x86: think-lmi: mutex protection around multiple WMI calls (git-fixes).
• platform/x86: thinkpad_acpi: Fix lkp-tests warnings for platform profiles (git-fixes).
• pm: domains: fix integer overflow issues in genpd_parse_state() (git-fixes).
• powerpc/64s/radix: Fix exit lazy tlb mm switch with irqs enabled (bsc#1194869).
• powerpc/iommu: Limit number of TCEs to 512 for H_STUFF_TCE hcall (bsc#1194869 bsc#1212701).
• powerpc/set_memory: Avoid spinlock recursion in change_page_attr() (bsc#1194869).
• pstore/ram: Add check for kstrdup (git-fixes).
• radeon: avoid double free in ci_dpm_init() (git-fixes).
• rdma/bnxt_re: Avoid calling wake_up threads from spin_lock context (git-fixes)
• rdma/bnxt_re: Disable/kill tasklet only if it is enabled (git-fixes)
• rdma/bnxt_re: Fix to remove an unnecessary log (git-fixes)
• rdma/bnxt_re: Fix to remove unnecessary return labels (git-fixes)
• rdma/bnxt_re: Remove a redundant check inside bnxt_re_update_gid (git-fixes)
• rdma/bnxt_re: Remove unnecessary checks (git-fixes)
• rdma/bnxt_re: Return directly without goto jumps (git-fixes)
• rdma/bnxt_re: Use unique names while registering interrupts (git-fixes)
• rdma/bnxt_re: wraparound mbox producer index (git-fixes)
• rdma/cma: Always set static rate to 0 for RoCE (git-fixes)
• rdma/hns: Fix hns_roce_table_get return value (git-fixes)
• rdma/irdma: avoid fortify-string warning in irdma_clr_wqes (git-fixes)
• rdma/mlx5: Do not set tx affinity when lag is in hash mode (git-fixes)
• rdma/mlx5: Fix affinity assignment (git-fixes)
• rdma/mlx5: Initiate dropless RQ for RAW Ethernet functions (git-fixes)
• rdma/mlx5: Rely on RoCE fw cap instead of devlink when setting profile (jsc#SLE-19253).
• rdma/rtrs: Fix rxe_dealloc_pd warning (git-fixes)
• rdma/rtrs: Fix the last iu->buf leak in err path (git-fixes)
• rdma/rxe: Fix packet length checks (git-fixes)
• rdma/rxe: Fix ref count error in check_rkey() (git-fixes)
• rdma/rxe: Fix rxe_cq_post (git-fixes)
• rdma/rxe: Fix the use-before-initialization error of resp_pkts (git-fixes)
• rdma/rxe: Remove dangling declaration of rxe_cq_disable() (git-fixes)
• rdma/rxe: Remove the unused variable obj (git-fixes)
• rdma/rxe: Removed unused name from rxe_task struct (git-fixes)
• rdma/uverbs: Restrict usage of privileged QKEYs (git-fixes)
• rdma/vmw_pvrdma: Remove unnecessary check on wr->opcode (git-fixes)
• regulator: core: Fix more error checking for debugfs_create_dir() (git-fixes).
• regulator: core: Streamline debugfs operations (git-fixes).
• regulator: helper: Document ramp_delay parameter of regulator_set_ramp_delay_regmap() (git-fixes).
• rpm/check-for-config-changes: ignore also PAHOLE_HAS_* We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE.
• rtc: st-lpc: Release some resources in st_rtc_probe() in case of error (git-fixes).
• s390/gmap: voluntarily schedule during key setting (git-fixes bsc#1212892).
• s390/pkey: zeroize key blobs (git-fixes bsc#1212619).
• serial: 8250: lock port for UART_IER access in omap8250_irq() (git-fixes).
• serial: 8250: lock port for stop_rx() in omap8250_irq() (git-fixes).
• serial: 8250: omap: Fix freeing of resources on failed register (git-fixes).
• serial: 8250_omap: Use force_suspend and resume for system suspend (git-fixes).
• serial: atmel: do not enable IRQs prematurely (git-fixes).
• signal/s390: Use force_sigsegv in default_trap_handler (git-fixes bsc#1212861).
• soc/fsl/qe: fix usb.c build errors (git-fixes).
• soc: samsung: exynos-pmu: Re-introduce Exynos4212 support (git-fixes).
• soundwire: dmi-quirks: add new mapping for HP Spectre x360 (git-fixes).
• spi: dw: Round of n_bytes to power of 2 (git-fixes).
• spi: lpspi: disable lpspi module irq in DMA mode (git-fixes).
• spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG (git-fixes).
• test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (git-fixes).
• thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe() (git-fixes).
• tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode() (git-fixes).
• tty: serial: imx: fix rs485 rx after tx (git-fixes).
• tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error (git-fixes).
• tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk (git-fixes).
• usb: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe() (git-fixes).
• usb: dwc3: gadget: Propagate core init errors to UDC during pullup (git-fixes).
• usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe() (git-fixes).
• usb: dwc3: qcom: Fix potential memory leak (git-fixes).
• usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove() (git-fixes).
• usb: gadget: u_serial: Add null pointer check in gserial_suspend (git-fixes).
• usb: gadget: udc: fix NULL dereference in remove() (git-fixes).
• usb: hide unused usbfs_notify_suspend/resume functions (git-fixes).
• usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() (git-fixes).
• usb: xhci: Remove unused udev from xhci_log_ctx trace event (git-fixes).
• usrmerge: Adjust module path in the kernel sources (bsc#1212835).
• vdpa/mlx5: Directly assign memory key (jsc#SLE-19253).
• vdpa/mlx5: Do not clear mr struct on destroy MR (jsc#SLE-19253).
• vdpa/mlx5: Fix wrong configuration of virtio_version_1_0 (jsc#SLE-19253).
• vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit (jsc#SLE-19253).
• vhost_vdpa: support PACKED when setting-getting vring_base (jsc#SLE-19253).
• w1: fix loop in w1_fini() (git-fixes).
• w1: w1_therm: fix locking behavior in convert_t (git-fixes).
• wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key() (git-fixes).
• wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx (git-fixes).
• wifi: ath9k: convert msecs to jiffies where needed (git-fixes).
• wifi: ath9k: do not allow to overwrite ENDPOINT0 attributes (git-fixes).
• wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation (git-fixes).
• wifi: atmel: Fix an error handling path in atmel_probe() (git-fixes).
• wifi: cfg80211: rewrite merging of inherited elements (git-fixes).
• wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection (git-fixes).
• wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() (git-fixes).
• wifi: iwlwifi: pull from TXQs with softirqs disabled (git-fixes).
• wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan() (git-fixes).
• wifi: orinoco: Fix an error handling path in orinoco_cs_probe() (git-fixes).
• wifi: orinoco: Fix an error handling path in spectrum_cs_probe() (git-fixes).
• wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled (git-fixes).
• wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown (git-fixes).
• wifi: wilc1000: fix for absent RSN capabilities WFA testcase (git-fixes).
• writeback: fix dereferencing NULL mapping->host on writeback_page_template (git-fixes).
• x86/build: Avoid relocation information in final vmlinux (bsc#1187829).
• x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range (git-fixes).
• x86/mm: Fix RESERVE_BRK() for older binutils (git-fixes).
• x86/mm: Fix use of uninitialized buffer in sme_enable() (git-fixes).
• x86/sgx: Fix race between reclaimer and page fault handler (git-fixes).
• x86/sgx: Mark PCMD page as dirty when modifying contents (git-fixes).
• x86/xen: fix secondary processor fpu initialization (bsc#1212869).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2023-2803=1
• SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2023-2803=1
• SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2023-2803=1
• SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2023-2803=1
• SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-2803=1
• SUSE Real Time Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2023-2803=1
• openSUSE Leap Micro 5.3
  zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2803=1
• openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-2803=1

Package List:

• SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro 5.3 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Micro 5.4 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
• SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
  • kernel-livepatch-5_14_21-150400_15_40-rt-debuginfo-1-150400.1.3.1
  • kernel-livepatch-SLE15-SP4-RT_Update_9-debugsource-1-150400.1.3.1
  • kernel-livepatch-5_14_21-150400_15_40-rt-1-150400.1.3.1
• SUSE Real Time Module 15-SP4 (x86_64)
  • gfs2-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • cluster-md-kmp-rt-5.14.21-150400.15.40.1
  • gfs2-kmp-rt-5.14.21-150400.15.40.1
  • ocfs2-kmp-rt-5.14.21-150400.15.40.1
  • ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt_debug-devel-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.40.1
  • kernel-syms-rt-5.14.21-150400.15.40.1
  • kernel-rt-devel-5.14.21-150400.15.40.1
  • kernel-rt-devel-debuginfo-5.14.21-150400.15.40.1
  • dlm-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-debugsource-5.14.21-150400.15.40.1
  • cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • dlm-kmp-rt-5.14.21-150400.15.40.1
• SUSE Real Time Module 15-SP4 (noarch)
  • kernel-devel-rt-5.14.21-150400.15.40.1
  • kernel-source-rt-5.14.21-150400.15.40.1
• SUSE Real Time Module 15-SP4 (nosrc x86_64)
  • kernel-rt_debug-5.14.21-150400.15.40.1
  • kernel-rt-5.14.21-150400.15.40.1
• openSUSE Leap Micro 5.3 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.40.1
• openSUSE Leap Micro 5.3 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
• openSUSE Leap 15.4 (x86_64)
  • gfs2-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • cluster-md-kmp-rt-5.14.21-150400.15.40.1
  • gfs2-kmp-rt-5.14.21-150400.15.40.1
  • ocfs2-kmp-rt-5.14.21-150400.15.40.1
  • ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt-debugsource-5.14.21-150400.15.40.1
  • kernel-rt_debug-devel-5.14.21-150400.15.40.1
  • kernel-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.40.1
  • kernel-syms-rt-5.14.21-150400.15.40.1
  • kernel-rt-devel-5.14.21-150400.15.40.1
  • kernel-rt-devel-debuginfo-5.14.21-150400.15.40.1
  • dlm-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • kernel-rt_debug-debugsource-5.14.21-150400.15.40.1
  • cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.40.1
  • dlm-kmp-rt-5.14.21-150400.15.40.1
• openSUSE Leap 15.4 (noarch)
  • kernel-devel-rt-5.14.21-150400.15.40.1
  • kernel-source-rt-5.14.21-150400.15.40.1
• openSUSE Leap 15.4 (nosrc x86_64)
  • kernel-rt_debug-5.14.21-150400.15.40.1
  • kernel-rt-5.14.21-150400.15.40.1

References:

• https://www.suse.com/security/cve/CVE-2023-1829.html
• https://www.suse.com/security/cve/CVE-2023-3090.html
• https://www.suse.com/security/cve/CVE-2023-3111.html
• https://www.suse.com/security/cve/CVE-2023-3212.html
• https://www.suse.com/security/cve/CVE-2023-3357.html
• https://www.suse.com/security/cve/CVE-2023-3358.html
• https://www.suse.com/security/cve/CVE-2023-3389.html
• https://bugzilla.suse.com/show_bug.cgi?id=1187829
• https://bugzilla.suse.com/show_bug.cgi?id=1194869
• https://bugzilla.suse.com/show_bug.cgi?id=1210335
• https://bugzilla.suse.com/show_bug.cgi?id=1212051
• https://bugzilla.suse.com/show_bug.cgi?id=1212265
• https://bugzilla.suse.com/show_bug.cgi?id=1212603
• https://bugzilla.suse.com/show_bug.cgi?id=1212605
• https://bugzilla.suse.com/show_bug.cgi?id=1212606
• https://bugzilla.suse.com/show_bug.cgi?id=1212619
• https://bugzilla.suse.com/show_bug.cgi?id=1212701