The SUSE Linux Enterprise 12 SP5 Azure kernel was updated.
The following security bugs were fixed:
CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702).
CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788).
CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686).
CVE-2022-3169: Fixed a denial of service flaw which occurs when consecutive requests to NVMEIOCTLRESET and the NVMEIOCTLSUBSYS_RESET are sent (bnc#1203290).
CVE-2022-3424: Fixed use-after-free in grusetcontextoption(), grufault() and gruhandleusercallos() that could lead to kernel panic (bsc#1204166).
CVE-2022-3521: Fixed race condition in kcmtxwork() in net/kcm/kcmsock.c (bnc#1204355).
CVE-2022-3524: Fixed memory leak in ipv6renewoptions() in the IPv6 handler (bnc#1204354).
CVE-2022-3542: Fixed memory leak in bnx2xtpastop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
CVE-2022-3545: Fixed use-after-free in areacacheget() in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
CVE-2022-3565: Fixed use-after-free in deltimer() in drivers/isdn/mISDN/l1oipcore.c (bnc#1204431).
CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bnc#1204439).
CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bnc#1204479).
CVE-2022-3621: Fixed null pointer dereference in nilfsbmaplookupatlevel() in fs/nilfs2/inode.c (bnc#1204574).
CVE-2022-3629: Fixed memory leak in vsockconnect() in net/vmwvsock/af_vsock.c (bnc#1204635).
CVE-2022-3646: Fixed memory leak in nilfsattachlog_writer() in fs/nilfs2/segment.c (bnc#1204646).
CVE-2022-3649: Fixed use-after-free in nilfsnewinode() in fs/nilfs2/inode.c (bnc#1204647).
CVE-2022-40307: Fixed a race condition that could had been exploited to trigger a use-after-free in the efi firmware capsule-loader.c (bnc#1203322).
CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory (bnc#1203514).
CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
acpi: processor idle: Practically limit 'Dummy wait' workaround to old Intel systems (bnc#1203802).
acpi: processor_idle: Skip dummy wait if kernel is in guest (bnc#1203802).