The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
CVE-2023-2162: Fixed an use-after-free flaw in iscsiswtcpsessioncreate (bsc#1210647).
CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150chargerremove (bsc#1210329).
CVE-2023-1855: Fixed a use after free in xgenehwmonremove (bsc#1210202).
CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
CVE-2023-1611: Fixed an use-after-free flaw in btrfssearchslot (bsc#1209687).
CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
ath10k: Fix the parsing error in service available event (git-fixes).
ath10k: add missing error return code in ath10kpciprobe() (git-fixes).
ath10k: fix control-message timeout (git-fixes).
ath10k: fix division by zero in send path (git-fixes).
ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
bpf, x86: Fix encoding for lower 8-bit registers in BPFSTX BPFB (git-fixes).
cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
cachefiles: Fix page leak in cachefilesreadbacking_file while vmscan is active (bsc#1210430).
cachefiles: Fix race between readwaiter and readcopier involving op->to_do (bsc#1210430).