SUSE-SU-2023:1802-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20231802-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:1802-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:1802-1
Related
Published
2023-04-10T08:30:48Z
Modified
2023-04-10T08:30:48Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
  • CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
  • CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
  • CVE-2023-0394: Fixed NULL pointer dereference that could lead to a system crash in rawv6pushpending_frames in net/ipv6/raw.c (bsc#1207168).
  • CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).
  • CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
  • CVE-2023-1582: Fixed soft lockup in _pagemapcount (bsc#1209636).
  • CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
  • CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4sscsetup_dul in fs/nfsd/nfs4proc.c (bsc#1209788).
  • CVE-2023-28327: Fixed DoS in inskb in unixdiaggetexact() (bsc#1209290).
  • CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/bluetooth/hci_conn.c (bsc#1209052).
  • CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in dotlsgetsockopt in net/tls/tls_main.c (bsc#1209366).

The following non-security bugs were fixed:

  • ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable (git-fixes).
  • ALSA: hda/conexant: Partial revert of a quirk for Lenovo (git-fixes).
  • ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z (git-fixes).
  • ALSA: hda/realtek: Add quirks for some Clevo laptops (git-fixes).
  • ALSA: hda/realtek: Fix support for Dell Precision 3260 (git-fixes).
  • ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro (git-fixes).
  • ALSA: hda: intel-dsp-config: add MTL PCI id (git-fixes).
  • ALSA: usb-audio: Fix recursive locking at XRUN during syncing (git-fixes).
  • ALSA: usb-audio: Fix regression on detection of Roland VS-100 (git-fixes).
  • ALSA: ymfpci: Fix BUG_ON in probe function (git-fixes).
  • ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl (git-fixes).
  • ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl (git-fixes).
  • Bluetooth: L2CAP: Fix responding with wrong PDU type (git-fixes).
  • Bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
  • Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (git-fixes).
  • Fix error path in pci-hyperv to unlock the mutex state_lock
  • HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded (git-fixes).
  • HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (git-fixes).
  • Input: alps - fix compatibility with -funsigned-char (bsc#1209805).
  • KVM: x86: fix sending PV IPI (git-fixes).
  • Makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • NFSv4: Fix hangs when recovering open state after a server reboot (git-fixes).
  • PCI/DPC: Await readiness of secondary bus after reset (git-fixes).
  • PCI: hv: Add a per-bus mutex state_lock (bsc#1207185).
  • PCI: hv: Fix a race condition in hvirqunmask() that can cause panic (bsc#1207185).
  • PCI: hv: Remove the useless hvpcichildstate from struct hvpcidev (bsc#1207185).
  • PCI: hv: Use async probing to reduce boot time (bsc#1207185).
  • PCI: hv: fix a race condition bug in hvpciquery_relations() (bsc#1207185).
  • Revert 'Makefile: link with -z noexecstack --no-warn-rwx-segments' (bsc#1209798)
  • Revert 'PCI: hv: Fix a timing issue which causes kdump to fail occasionally' (bsc#1207185).
  • Revert 'Revert 'Makefile: link with -z noexecstack --no-warn-rwx-segments' (bsc#1209798)'
  • Revert 'Revert 'x86: link vdso and boot with -z noexecstack' (bsc#1209798)
  • Revert 'x86: link vdso and boot with -z noexecstack' (bsc#1209798)
  • USB: cdns3: Fix issue with using incorrect PCI device function (git-fixes).
  • USB: cdnsp: Fixes issue with redundant Status Stage (git-fixes).
  • USB: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver (git-fixes).
  • USB: chipdea: core: fix return -EINVAL if request role is the same with current role (git-fixes).
  • USB: chipidea: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: dwc2: fix a devres leak in hw_enable upon suspend resume (git-fixes).
  • USB: dwc3: Fix a typo in field name (git-fixes).
  • USB: dwc3: gadget: Add 1ms delay after end transfer command without IOC (git-fixes).
  • USB: fotg210: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: bcm63xxudc: fix memory leak with using debugfslookup() (git-fixes).
  • USB: gadget: grudc: fix memory leak with using debugfslookup() (git-fixes).
  • USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup() (git-fixes).
  • USB: gadget: pxa25xudc: fix memory leak with using debugfslookup() (git-fixes).
  • USB: gadget: u_audio: do not let userspace block driver unbind (git-fixes).
  • USB: isp116x: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: isp1362: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: sl811: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: typec: tcpm: fix warning when handle discover_identity message (git-fixes).
  • USB: ucsi: Fix NULL pointer deref in ucsiconnectorchange() (git-fixes).
  • USB: uhci: fix memory leak with using debugfs_lookup() (git-fixes).
  • arch: fix broken BuildID for arm64 and riscv (bsc#1209798).
  • arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)
  • arm64: dts: freescale: Fix pca954x i2c-mux node names (git-fixes)
  • arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name (git-fixes).
  • arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes (git-fixes).
  • arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property (git-fixes)
  • arm64: dts: imx8mp: correct usb clocks (git-fixes)
  • arm64: dts: imx8mq: add mipi csi phy and csi bridge descriptions (git-fixes)
  • arm64: dts: imx8mq: fix mipi_csi bidirectional port numbers (git-fixes)
  • arm64: dts: qcom: sm8350: Mark UFS controller as cache coherent (git-fixes).
  • atm: idt77252: fix kmemleak when rmmod idt77252 (git-fixes).
  • ca8210: Fix unsigned maclen comparison with zero in ca8210skb_tx() (git-fixes).
  • ca8210: fix mac_len negative array access (git-fixes).
  • can: bcm: bcmtxsetup(): fix KMSAN uninit-value in vfs_write (git-fixes).
  • cifs: Fix smb2setpath_size() (git-fixes).
  • cifs: Move the insend statistic to _smbsendrqst() (git-fixes).
  • cifs: append path to open_enter trace event (bsc#1193629).
  • cifs: avoid race conditions with parallel reconnects (bsc#1193629).
  • cifs: avoid races in parallel reconnects in smb1 (bsc#1193629).
  • cifs: check only tcon status on tcon related functions (bsc#1193629).
  • cifs: do not poll server interfaces too regularly (bsc#1193629).
  • cifs: dump pending mids for all channels in DebugData (bsc#1193629).
  • cifs: empty interface list when server does not support query interfaces (bsc#1193629).
  • cifs: fix DFS traversal oops without CONFIGCIFSDFS_UPCALL (bsc#1193629).
  • cifs: fix dentry lookups in directory handle cache (bsc#1193629).
  • cifs: fix missing unloadnls() in smb2reconnect() (bsc#1193629).
  • cifs: fix use-after-free bug in refreshcacheworker() (bsc#1193629).
  • cifs: generate signkey for the channel that's reconnecting (bsc#1193629).
  • cifs: get rid of dead check in smb2_reconnect() (bsc#1193629).
  • cifs: lock chanlock outside matchsession (bsc#1193629).
  • cifs: prevent infinite recursion in CIFSGetDFSRefer() (bsc#1193629).
  • cifs: print session id while listing open files (bsc#1193629).
  • cifs: return DFS root session id in DebugData (bsc#1193629).
  • cifs: set DFS root session in cifsgetsmb_ses() (bsc#1193629).
  • cifs: use DFS root session instead of tcon ses (bsc#1193629).
  • drivers/base: Fix unsigned comparison to -1 in CPUMAPFILEMAX_BYTES (bsc#1208815).
  • drivers/base: fix userspace break from using bin_attributes for cpumap and cpulist (bsc#1208815).
  • drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes (git-fixes).
  • drm/amdkfd: Fix an illegal memory access (git-fixes).
  • drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found (git-fixes).
  • drm/i915/active: Fix missing debug object activation (git-fixes).
  • drm/i915/active: Fix misuse of non-idle barriers as fence trackers (git-fixes).
  • drm/i915/display/psr: Handle plane and pipe restrictions at every page flip (git-fixes).
  • drm/i915/display/psr: Use drm damage helpers to calculate plane damaged area (git-fixes).
  • drm/i915/display: Workaround cursor left overs with PSR2 selective fetch enabled (git-fixes).
  • drm/i915/display: clean up comments (git-fixes).
  • drm/i915/gt: perform uc late init after probe error injection (git-fixes).
  • drm/i915/psr: Use calculated io and fast wake lines (git-fixes).
  • drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state (git-fixes).
  • drm/i915: Do not use BAR mappings for ring buffers with LLC (git-fixes).
  • drm/i915: Do not use stolen memory for ring buffers with LLC (git-fixes).
  • drm/i915: Preserve crtc_state->inherited during state clearing (git-fixes).
  • drm/i915: Remove unused bits of i915_vma/active api (git-fixes).
  • efi: sysfb_efi: Fix DMI quirks not working for simpledrm (git-fixes).
  • fbdev: stifb: Provide valid pixelclock and add fbcheckvar() checks (git-fixes).
  • firmware: arm_scmi: Fix device node validation for mailbox transport (git-fixes).
  • hwmon: fix potential sensor registration fail if of_node is missing (git-fixes).
  • i2c: hisi: Only use the completion interrupt to finish the transfer (git-fixes).
  • i2c: imx-lpi2c: check only for enabled interrupt flags (git-fixes).
  • i2c: xgene-slimpro: Fix out-of-bounds bug in xgeneslimproi2c_xfer() (git-fixes).
  • kABI: x86/msr: Remove .fixup usage (kabi).
  • kconfig: Update config changed flag before calling callback (git-fixes).
  • lan78xx: Add missing return code checks (git-fixes).
  • lan78xx: Fix exception on link speed change (git-fixes).
  • lan78xx: Fix memory allocation bug (git-fixes).
  • lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
  • lan78xx: Fix race condition in disconnect handling (git-fixes).
  • lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
  • lan78xx: Fix white space and style issues (git-fixes).
  • lan78xx: Remove unused pause frame queue (git-fixes).
  • lan78xx: Remove unused timer (git-fixes).
  • lan78xx: Set flow control threshold to prevent packet loss (git-fixes).
  • lockd: set file_lock start and end when decoding nlm4 testargs (git-fixes).
  • locking/rwbase: Mitigate indefinite writer starvation (bsc#1189998 (PREEMPT_RT prerequisite backports), bsc#1206552).
  • mm: memcg: fix swapcached stat accounting (bsc#1209804).
  • mmc: atmel-mci: fix race between stop command and start of next command (git-fixes).
  • mtd: rawnand: meson: invalidate cache on polling ECC bit (git-fixes).
  • net: asix: fix modprobe 'sysfs: cannot create duplicate filename' (git-fixes).
  • net: mdio: thunder: Add missing fwnodehandleput() (git-fixes).
  • net: phy: Ensure state transitions are processed from phy_stop() (git-fixes).
  • net: phy: dp83869: fix default value for tx-/rx-internal-delay (git-fixes).
  • net: phy: nxp-c45-tja11xx: fix MIIBASICCONFIG_REV bit (git-fixes).
  • net: phy: smsc: bail out in lan87xxreadstatus if genphyreadstatus fails (git-fixes).
  • net: qcom/emac: Fix use after free bug in emac_remove due to race condition (git-fixes).
  • net: usb: asix: remove redundant assignment to variable reg (git-fixes).
  • net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 (git-fixes).
  • net: usb: lan78xx: Limit packet length to skb->len (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
  • net: usb: smsc95xx: Limit packet length to skb->len (git-fixes).
  • net: usb: use ethhwaddr_set() (git-fixes).
  • nilfs2: fix kernel-infoleak in nilfsioctlwrap_copy() (git-fixes).
  • nvme-tcp: always fail a request when sending it failed (bsc#1208902).
  • pinctrl: amd: Disable and mask interrupts on resume (git-fixes).
  • pinctrl: at91-pio4: fix domain name assignment (git-fixes).
  • pinctrl: ocelot: Fix alt mode for ocelot (git-fixes).
  • platform/chrome: crosecchardev: fix kernel data leak from ioctl (git-fixes).
  • platform/x86/intel/pmc: Alder Lake PCH slps0residency fix (git-fixes).
  • platform/x86: think-lmi: Add possible_values for ThinkStation (git-fixes).
  • platform/x86: think-lmi: Certificate authentication support (bsc#1210050).
  • platform/x86: think-lmi: Move kobjectinit() call into tlmicreate_auth() (bsc#1210050).
  • platform/x86: think-lmi: Opcode support (bsc#1210050).
  • platform/x86: think-lmi: Prevent underflow in index_store() (bsc#1210050).
  • platform/x86: think-lmi: Simplify tlmi_analyze() error handling a bit (bsc#1210050).
  • platform/x86: think-lmi: Use min_t() for comparison and assignment (bsc#1210050).
  • platform/x86: think-lmi: add debug_cmd (bsc#1210050).
  • platform/x86: think-lmi: add missing type attribute (git-fixes).
  • platform/x86: think-lmi: certificate support clean ups (bsc#1210050).
  • platform/x86: think-lmi: only display possible_values if available (git-fixes).
  • platform/x86: think-lmi: use correct possible_values delimiters (git-fixes).
  • platform/x86: thinkpad-acpi: Add support for automatic mode transitions (bsc#1210050).
  • platform/x86: thinkpad-acpi: Enable AMT by default on supported systems (bsc#1210050).
  • platform/x86: thinkpad-acpi: profile capabilities as integer (bsc#1210050).
  • platform/x86: thinkpadacpi: Accept ibminit_struct.init() returning -ENODEV (bsc#1210050).
  • platform/x86: thinkpadacpi: Add LEDRETAINATSHUTDOWN to ledclassdevs (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add PSC mode support (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add a s2idle resume quirk for a number of laptops (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add dual fan probe (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add dual-fan quirk for T15g (2nd gen) (bsc#1210050).
  • platform/x86: thinkpadacpi: Add hotkeynotifyextendedhotkey() helper (bsc#1210050).
  • platform/x86: thinkpadacpi: Add lidlogo_dot to the list of safe LEDs (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add quirk for ThinkPads without a fan (bsc#1210050).
  • platform/x86: thinkpadacpi: Cleanup dytcprofile_available (bsc#1210050).
  • platform/x86: thinkpad_acpi: Convert btusb DMI list to quirks (bsc#1210050).
  • platform/x86: thinkpadacpi: Convert platform driver to use devgroups (bsc#1210050).
  • platform/x86: thinkpad_acpi: Correct dual fan probe (bsc#1210050).
  • platform/x86: thinkpadacpi: Do not use testbit on an integer (bsc#1210050).
  • platform/x86: thinkpad_acpi: Enable s2idle quirk for 21A1 machine type (bsc#1210050).
  • platform/x86: thinkpad_acpi: Explicitly set to balanced mode on startup (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix coccinelle warnings (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix compiler warning about uninitialized err variable (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix incorrect use of platform profile on AMD platforms (bsc#1210050).
  • platform/x86: thinkpadacpi: Fix maxbrightness of thinklight (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix profile mode display in AMT mode (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix profile modes on Intel platforms (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix reporting a non present second fan on some models (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix the hwmon sysfs-attr showing up in the wrong place (bsc#1210050).
  • platform/x86: thinkpadacpi: Fix thermaltempinputattr sorting (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix thinklight LED brightness returning 255 (bsc#1210050).
  • platform/x86: thinkpad_acpi: Get privacy-screen / lcdshadow ACPI handles only once (bsc#1210050).
  • platform/x86: thinkpadacpi: Make *init() functions return -ENODEV instead of 1 (bsc#1210050).
  • platform/x86: thinkpadacpi: Properly indent code in tpacpidytcprofileinit() (bsc#1210050).
  • platform/x86: thinkpadacpi: Register tpacpipdriver after subdriver init (bsc#1210050).
  • platform/x86: thinkpadacpi: Remove 'goto errexit' from hotkey_init() (bsc#1210050).
  • platform/x86: thinkpadacpi: Remove unused sensorspdevattrsregistered flag (bsc#1210050).
  • platform/x86: thinkpadacpi: Restore missing hotkeytabletmode and hotkeyradio_sw sysfs-attr (bsc#1210050).
  • platform/x86: thinkpadacpi: Simplify dytcversion handling (bsc#1210050).
  • platform/x86: thinkpad_acpi: Switch to common use of attributes (bsc#1210050).
  • platform/x86: thinkpad_acpi: Use backlight helper (bsc#1210050).
  • platform/x86: thinkpad_acpi: clean up dytc profile convert (bsc#1210050).
  • platform/x86: thinkpadacpi: consistently check fanget_status return (bsc#1210050).
  • platform/x86: thinkpad_acpi: do not use PSC mode on Intel platforms (bsc#1210050).
  • platform/x86: thinkpadacpi: tpacpiattr_group contains driver attributes not device attrs (bsc#1210050).
  • platform/x86: thinkpad_acpi: use strstarts() (bsc#1210050).
  • power: supply: da9150: Fix use after free bug in da9150chargerremove due to race condition (git-fixes).
  • powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch (bsc#1194869).
  • powerpc/btext: add missing ofnodeput (bsc#1065729).
  • powerpc/ioda/iommu/debugfs: Generate unique debugfs entries (bsc#1194869).
  • powerpc/iommu: Add missing ofnodeput in iommuinitearly_dart (bsc#1194869).
  • powerpc/iommu: fix memory leak with using debugfs_lookup() (bsc#1194869).
  • powerpc/kcsan: Exclude udelay to prevent recursive instrumentation (bsc#1194869).
  • powerpc/kexec_file: fix implicit decl error (bsc#1194869).
  • powerpc/powernv/ioda: Skip unallocated resources when mapping to PE (bsc#1065729).
  • powerpc/powernv: fix missing ofnodeput in uv_init() (bsc#1194869).
  • powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158 ltc#169177 git-fixes).
  • powerpc/pseries/lparcfg: add missing RTAS retry status handling (bsc#1065729).
  • powerpc/rtas: ensure 4KB alignment for rtasdatabuf (bsc#1065729).
  • powerpc/vmlinux.lds: Define RUNTIMEDISCARDEXIT (bsc#1194869).
  • powerpc/vmlinux.lds: Do not discard .comment (bsc#1194869).
  • powerpc/vmlinux.lds: Do not discard .rela* for relocatable builds (bsc#1194869).
  • powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds (bsc#1194869).
  • powerpc: Remove linker flag from KBUILD_AFLAGS (bsc#1194869).
  • r8169: fix RTL8168H and RTL8107E rx crc error (git-fixes).
  • regulator: Handle deferred clk (git-fixes).
  • remove 'PCI: hv: Use async probing to reduce boot time' (bsc#1207185).
  • rpm/config.sh: Disable DT build. This setting has been ignored for non-default variants so far.
  • rpm/constraints.in: increase the disk size for armv6/7 to 24GB It grows and the build fails recently on SLE15-SP4/5.
  • s390/boot: simplify and fix kernel memory layout setup (bsc#1209600).
  • s390/dasd: fix no record found for rawtrackaccess (bsc#1207574).
  • s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).
  • sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).
  • sched/psi: Fix use-after-free in epremovewait_queue() (bsc#1209799).
  • scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292 bsc#1209684 bsc#1209556).
  • sctp: sctpsockfilter(): avoid list_entry() on possibly empty list (bsc#1208602, git-fixes).
  • serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it (git-fixes).
  • serial: 8250: SERIAL8250ASPEEDVUART should depend on ARCHASPEED (git-fixes).
  • serial: fsl_lpuart: Fix comment typo (git-fixes).
  • smb3: fix unusable share after force unmount failure (bsc#1193629).
  • smb3: lower default deferred close timeout to address perf regression (bsc#1193629).
  • thunderbolt: Add missing UNSETINBOUNDSBTX for retimer access (git-fixes).
  • thunderbolt: Call tbcheckquirks() after initializing adapters (git-fixes).
  • thunderbolt: Disable interrupt auto clear for rings (git-fixes).
  • thunderbolt: Rename shadowed variables bit to interruptbit and autoclear_bit (git-fixes).
  • thunderbolt: Use const qualifier for ring_interrupt_index (git-fixes).
  • thunderbolt: Use scale field when allocating USB3 bandwidth (git-fixes).
  • tty: serial: fsllpuart: skip waiting for transmission complete when UARTCTRLSBK is asserted (git-fixes).
  • uas: Add USFLNOREPORTOPCODES for JMicron JMS583Gen 2 (git-fixes).
  • vdpasim: set lastusedidx as lastavailidx in vdpasimqueue_ready (git-fixes).
  • wifi: mac80211: fix qos on mesh interfaces (git-fixes).
  • x86/bug: Merge annotatereachable() into _BUGFLAGS() asm (git-fixes).
  • x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
  • x86/fpu/xstate: Fix the ARCHREQXCOMP_PERM implementation (git-fixes).
  • x86/fpu/xstate: Fix the ARCHREQXCOMP_PERM implementation (git-fixes).
  • x86/fpu: Cache xfeature flags from CPUID (git-fixes).
  • x86/fpu: Remove unused supervisor only offsets (git-fixes).
  • x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
  • x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
  • x86/mce: Allow instrumentation during task work queueing (git-fixes).
  • x86/mce: Mark mce_end() noinstr (git-fixes).
  • x86/mce: Mark mce_panic() noinstr (git-fixes).
  • x86/mce: Mark mcereadaux() noinstr (git-fixes).
  • x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
  • x86/msr: Remove .fixup usage (git-fixes).
  • x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
  • x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
  • x86/uaccess: Move variable into switch case statement (git-fixes).
  • x86: Annotate callonstack() (git-fixes).
  • x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • xfs: convert ptag flags to unsigned (git-fixes).
  • xfs: do not assert fail on perag references on teardown (git-fixes).
  • xfs: do not leak btree cursor when insrec fails after a split (git-fixes).
  • xfs: pass the correct cursor to xfsiomapprealloc_size (git-fixes).
  • xfs: remove xfssetattrtime() declaration (git-fixes).
  • xfs: zero inode fork buffer at allocation (git-fixes).
  • xirc2pscs: Fix use after free bug in xirc2psdetach (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP4 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP4 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP4 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}

openSUSE:Leap 15.4 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "dlm-kmp-azure": "5.14.21-150400.14.43.1",
            "cluster-md-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-extra": "5.14.21-150400.14.43.1",
            "gfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-optional": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kselftests-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-livepatch-devel": "5.14.21-150400.14.43.1",
            "ocfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}

openSUSE:Leap 15.4 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "dlm-kmp-azure": "5.14.21-150400.14.43.1",
            "cluster-md-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-extra": "5.14.21-150400.14.43.1",
            "gfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-optional": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kselftests-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-livepatch-devel": "5.14.21-150400.14.43.1",
            "ocfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}

openSUSE:Leap 15.4 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.14.43.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-devel-azure": "5.14.21-150400.14.43.1",
            "dlm-kmp-azure": "5.14.21-150400.14.43.1",
            "cluster-md-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-extra": "5.14.21-150400.14.43.1",
            "gfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-optional": "5.14.21-150400.14.43.1",
            "kernel-azure-devel": "5.14.21-150400.14.43.1",
            "kernel-azure": "5.14.21-150400.14.43.1",
            "kselftests-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-syms-azure": "5.14.21-150400.14.43.1",
            "kernel-azure-livepatch-devel": "5.14.21-150400.14.43.1",
            "ocfs2-kmp-azure": "5.14.21-150400.14.43.1",
            "kernel-source-azure": "5.14.21-150400.14.43.1"
        }
    ]
}