Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:4784-1
Rating:	important
References:	bsc#1084909 bsc#1176950 bsc#1190208 bsc#1203496 bsc#1205462 bsc#1208787 bsc#1210780 bsc#1214037 bsc#1214285 bsc#1214408 bsc#1214764 bsc#1216031 bsc#1216058 bsc#1216259 bsc#1216584 bsc#1216759 bsc#1216965 bsc#1216976 bsc#1217036 bsc#1217087 bsc#1217206 bsc#1217519 bsc#1217525 bsc#1217603 bsc#1217604 bsc#1217607 jsc#PED-3184 jsc#PED-5021
Cross-References:	CVE-2023-0461 CVE-2023-31083 CVE-2023-39197 CVE-2023-39198 CVE-2023-45863 CVE-2023-45871 CVE-2023-5717
CVSS scores:	CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N CVE-2023-39197 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-45871 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12-SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves seven vulnerabilities, contains two features and has 19 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
• CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
• CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
• CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).
• CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
• CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
• CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).

The following non-security bugs were fixed:

• USB: serial: option: add Quectel RM500U-CN modem (git-fixes).
• USB: serial: option: add Telit FE990 compositions (git-fixes).
• USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
• cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
• cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
• cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214408).
• cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214408).
• cpu/SMT: Remove topology_smt_supported() (bsc#1214408).
• cpu/SMT: Store the current/max number of threads (bsc#1214408).
• cpu/hotplug: Create SMT sysfs interface for all arches (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
• dm-raid: remove useless checking in raid_message() (git-fixes).
• l2tp: fix refcount leakage on PPPoL2TP sockets (git-fixes).
• l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow (git-fixes).
• md/bitmap: always wake up md_thread in timeout_store (git-fixes).
• md/bitmap: factor out a helper to set timeout (git-fixes).
• md/raid10: Do not add spare disk when recovery fails (git-fixes).
• md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
• md/raid10: clean up md_add_new_disk() (git-fixes).
• md/raid10: fix io loss while replacement replace rdev (git-fixes).
• md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
• md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
• md/raid10: fix memleak of md thread (git-fixes).
• md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).
• md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).
• md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
• md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).
• md/raid10: improve code of mrdev in raid10_sync_request (git-fixes).
• md/raid10: prevent soft lockup while flush writes (git-fixes).
• md/raid10: prioritize adding disk to 'removed' mirror (git-fixes).
• md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
• md: add new workqueue for delete rdev (git-fixes).
• md: avoid signed overflow in slot_store() (git-fixes).
• md: do not return existing mddevs from mddev_find_or_alloc (git-fixes).
• md: factor out a mddev_alloc_unit helper from mddev_find (git-fixes).
• md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).
• md: fix deadlock causing by sysfs_notify (git-fixes).
• md: fix incorrect declaration about claim_rdev in md_import_device (git-fixes).
• md: flush md_rdev_misc_wq for HOT_ADD_DISK case (git-fixes).
• md: get sysfs entry after redundancy attr group create (git-fixes).
• md: refactor mddev_find_or_alloc (git-fixes).
• md: remove lock_bdev / unlock_bdev (git-fixes).
• mm, memcg: add mem_cgroup_disabled checks in vmpressure and swap-related functions (bsc#1190208 (MM functional and performance backports) bsc#1216759).
• net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).
• net: mana: Configure hwc timeout from hardware (bsc#1214037).
• net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
• powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
• powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
• powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files.
• ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes).
• s390/cio: unregister device when the only path is gone (git-fixes bsc#1217607).
• s390/cmma: fix detection of DAT pages (LTC#203996 bsc#1217087).
• s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203996 bsc#1217087).
• s390/cmma: fix initial kernel address space page table walk (LTC#203996 bsc#1217087).
• s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217206).
• s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217519).
• s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217604).
• s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203996 bsc#1217087).
• s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203996 bsc#1217087).
• s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217603).
• scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).
• scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-fixes).
• tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together (bsc#1216031).
• usb-storage: fix deadlock when a scsi command timeouts more than once (git-fixes).
• usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git-fixes).
• xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).
• xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).
• xfs: reserve data and rt quota at the same time (bsc#1203496).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4784=1 SUSE-SLE-HA-12-SP5-2023-4784=1
• SUSE Linux Enterprise High Availability Extension 12 SP5
  zypper in -t patch SUSE-SLE-HA-12-SP5-2023-4784=1
• SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2023-4784=1
• SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-4784=1
• SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4784=1
• SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4784=1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2023-4784=1

Package List:

• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  • kernel-default-devel-4.12.14-122.186.1
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1
  • gfs2-kmp-default-4.12.14-122.186.1
  • kernel-syms-4.12.14-122.186.1
  • cluster-md-kmp-default-4.12.14-122.186.1
  • kernel-default-base-4.12.14-122.186.1
  • dlm-kmp-default-debuginfo-4.12.14-122.186.1
  • dlm-kmp-default-4.12.14-122.186.1
  • gfs2-kmp-default-debuginfo-4.12.14-122.186.1
  • ocfs2-kmp-default-debuginfo-4.12.14-122.186.1
  • cluster-md-kmp-default-debuginfo-4.12.14-122.186.1
  • ocfs2-kmp-default-4.12.14-122.186.1
  • kernel-default-base-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.186.1
  • kernel-macros-4.12.14-122.186.1
  • kernel-source-4.12.14-122.186.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64)
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1
  • gfs2-kmp-default-4.12.14-122.186.1
  • cluster-md-kmp-default-4.12.14-122.186.1
  • dlm-kmp-default-debuginfo-4.12.14-122.186.1
  • dlm-kmp-default-4.12.14-122.186.1
  • gfs2-kmp-default-debuginfo-4.12.14-122.186.1
  • ocfs2-kmp-default-debuginfo-4.12.14-122.186.1
  • cluster-md-kmp-default-debuginfo-4.12.14-122.186.1
  • ocfs2-kmp-default-4.12.14-122.186.1
• SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-kgraft-devel-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1
  • kernel-default-kgraft-4.12.14-122.186.1
  • kgraft-patch-4_12_14-122_186-default-1-8.3.1
• SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc)
  • kernel-docs-4.12.14-122.186.1
• SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  • kernel-obs-build-debugsource-4.12.14-122.186.1
  • kernel-obs-build-4.12.14-122.186.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  • kernel-default-devel-4.12.14-122.186.1
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1
  • kernel-syms-4.12.14-122.186.1
  • kernel-default-base-4.12.14-122.186.1
  • kernel-default-base-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.186.1
  • kernel-macros-4.12.14-122.186.1
  • kernel-source-4.12.14-122.186.1
• SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  • kernel-default-devel-4.12.14-122.186.1
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1
  • kernel-syms-4.12.14-122.186.1
  • kernel-default-base-4.12.14-122.186.1
  • kernel-default-base-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise Server 12 SP5 (noarch)
  • kernel-devel-4.12.14-122.186.1
  • kernel-macros-4.12.14-122.186.1
  • kernel-source-4.12.14-122.186.1
• SUSE Linux Enterprise Server 12 SP5 (s390x)
  • kernel-default-man-4.12.14-122.186.1
• SUSE Linux Enterprise Server 12 SP5 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-122.186.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc)
  • kernel-default-4.12.14-122.186.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  • kernel-default-extra-debuginfo-4.12.14-122.186.1
  • kernel-default-debuginfo-4.12.14-122.186.1
  • kernel-default-extra-4.12.14-122.186.1
  • kernel-default-debugsource-4.12.14-122.186.1

References:

• https://www.suse.com/security/cve/CVE-2023-0461.html
• https://www.suse.com/security/cve/CVE-2023-31083.html
• https://www.suse.com/security/cve/CVE-2023-39197.html
• https://www.suse.com/security/cve/CVE-2023-39198.html
• https://www.suse.com/security/cve/CVE-2023-45863.html
• https://www.suse.com/security/cve/CVE-2023-45871.html
• https://www.suse.com/security/cve/CVE-2023-5717.html
• https://bugzilla.suse.com/show_bug.cgi?id=1084909
• https://bugzilla.suse.com/show_bug.cgi?id=1176950
• https://bugzilla.suse.com/show_bug.cgi?id=1190208
• https://bugzilla.suse.com/show_bug.cgi?id=1203496
• https://bugzilla.suse.com/show_bug.cgi?id=1205462
• https://bugzilla.suse.com/show_bug.cgi?id=1208787
• https://bugzilla.suse.com/show_bug.cgi?id=1210780
• https://bugzilla.suse.com/show_bug.cgi?id=1214037
• https://bugzilla.suse.com/show_bug.cgi?id=1214285
• https://bugzilla.suse.com/show_bug.cgi?id=1214408
• https://bugzilla.suse.com/show_bug.cgi?id=1214764
• https://bugzilla.suse.com/show_bug.cgi?id=1216031
• https://bugzilla.suse.com/show_bug.cgi?id=1216058
• https://bugzilla.suse.com/show_bug.cgi?id=1216259
• https://bugzilla.suse.com/show_bug.cgi?id=1216584
• https://bugzilla.suse.com/show_bug.cgi?id=1216759
• https://bugzilla.suse.com/show_bug.cgi?id=1216965
• https://bugzilla.suse.com/show_bug.cgi?id=1216976
• https://bugzilla.suse.com/show_bug.cgi?id=1217036
• https://bugzilla.suse.com/show_bug.cgi?id=1217087
• https://bugzilla.suse.com/show_bug.cgi?id=1217206
• https://bugzilla.suse.com/show_bug.cgi?id=1217519
• https://bugzilla.suse.com/show_bug.cgi?id=1217525
• https://bugzilla.suse.com/show_bug.cgi?id=1217603
• https://bugzilla.suse.com/show_bug.cgi?id=1217604
• https://bugzilla.suse.com/show_bug.cgi?id=1217607
• https://jira.suse.com/browse/PED-3184
• https://jira.suse.com/browse/PED-5021