SUSE-SU-2023:3349-1

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586).
• CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585).
• CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c (bsc#1213167).
• CVE-2023-0459: Fixed information leak in _uaccessbegin_nospec (bsc#1211738).
• CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
• CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
• CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplusputsuper in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).
• CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059).
• CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287).

The following non-security bugs were fixed:

• Get module prefix from kmod (bsc#1212835).
• USB: add NO_LPM quirk for Realforce 87U Keyboard (git-fixes).
• USB: core: add quirk for Alcor Link AK9563 smartcard reader (git-fixes).
• USB: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
• USB: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).
• USB: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (git-fixes).
• USB: serial: option: add Fibocom FM160 0x0111 composition (git-fixes).
• USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
• USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
• USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
• USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
• blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration (bsc#1213022).
• btrfs: fix resolving backrefs for inline extent followed by prealloc (bsc#1213133).
• delete suse/memcg-drop-kmem-limitinbytes. drop the patch in order to fix bsc#1213705.
• dlm: Delete an unnecessary variable initialisation in dlmlsstart() (git-fixes).
• dlm: NULL check before kmemcachedestroy is not needed (git-fixes).
• dlm: fix invalid cluster name warning (git-fixes).
• dlm: fix missing idrdestroy for recoveridr (git-fixes).
• dlm: fix missing lkb refcount handling (git-fixes).
• dlm: fix plock invalid read (git-fixes).
• dlm: fix possible call to kfree() for non-initialized pointer (git-fixes).
• ext4: Fix reusing stale buffer heads from last failed mounting (bsc#1213020).
• ext4: add inode table check in _ext4getinodeloc to aovid possible infinite loop (bsc#1207617).
• ext4: avoid BUG_ON when creating xattrs (bsc#1205496).
• ext4: avoid unaccounted block allocation when expanding inode (bsc#1207634).
• ext4: bail out of ext4xattribody_get() fails for any reason (bsc#1213018).
• ext4: fail ext4_iget if special inode unallocated (bsc#1213010).
• ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).
• ext4: fix WARNING in ext4updateinline_data (bsc#1213012).
• ext4: fix bugon in _estreesearch caused by bad boot loader inode (bsc#1207620).
• ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).
• ext4: fix deadlock due to mbcache entry corruption (bsc#1207653).
• ext4: fix error code return to user-space in ext4getbranch() (bsc#1207630).
• ext4: fix idisksize exceeding isize problem in paritally written case (bsc#1213015).
• ext4: fix to check return value of freezebdev() in ext4shutdown() (bsc#1213021).
• ext4: improve error recovery code paths in _ext4remount() (bsc#1213017).
• ext4: init quota for 'old.inode' in 'ext4_rename' (bsc#1207629).
• ext4: initialize quota before expanding inode in setproject ioctl (bsc#1207633).
• ext4: move where set the MAYINLINEDATA flag is set (bsc#1213011).
• ext4: only update ireserveddata_blocks on successful block allocation (bsc#1213019).
• ext4: zero i_disksize when initializing the bootloader inode (bsc#1213013).
• fs: dlm: cancel work sync othercon (git-fixes).
• fs: dlm: filter user dlm messages for kernel locks (git-fixes).
• fs: dlm: fix configfs memory leak (git-fixes).
• fs: dlm: fix debugfs dump (git-fixes).
• fs: dlm: fix memory leak when fenced (git-fixes).
• fs: dlm: fix race between testbit() and queuework() (git-fixes).
• fs: dlm: handle -EBUSY first in lock arg validation (git-fixes).
• fs: fix guardbioeod to check for real EOD errors (bsc#1213042).
• fs: prevent BUGON in submitbh_wbc() (bsc#1212990).
• fuse: revalidate: do not invalidate if interrupted (bsc#1213525).
• igb: revert rtnl_lock() that causes deadlock (git-fixes).
• include/trace/events/writeback.h: fix -Wstringop-truncation warnings (bsc#1213023).
• inotify: Avoid reporting event with invalid wd (bsc#1213025).
• jbd2: Fix statistics for the number of logged blocks (bsc#1212988).
• jbd2: abort journal if free a async write error metadata buffer (bsc#1212989).
• jbd2: fix assertion 'jh->bfrozendata == NULL' failure when journal aborted (bsc#1202716).
• jbd2: fix data races at struct journal_head (bsc#1173438).
• jbd2: fix invalid descriptor block checksum (bsc#1212987).
• jbd2: fix race when writing superblock (bsc#1212986).
• jdb2: Do not refuse invalidation of already invalidated buffers (bsc#1213014).
• kernel-docs: Add buildrequires on python3-base when using python3 The python3 binary is provided by python3-base.
• kernel-docs: Use python3 together with python3-Sphinx (bsc#1212741).
• lib/string: Add strscpy_pad() function (bsc#1213023).
• mbcache: Fixup kABI of mbcacheentry (bsc#1207653).
• memcg: drop kmem.limitinbytes (bsc#1208788, bsc#1212905).
• memcg: fix a crash in wb_workfn when a device disappears (bsc#1213023).
• net: mana: Add support for vlan tagging (bsc#1212301).
• ocfs2: check new file size on fallocate call (git-fixes).
• ocfs2: fix use-after-free when unmounting read-only filesystem (git-fixes).
• powerpc/64: update speculationstorebypass in /proc/<pid>/status (bsc#1188885 ltc#193722 git-fixes).
• powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary (bsc#1150305 ltc#176097 git-fixes).
• rpm/check-for-config-changes: ignore also PAHOLEHAS* We now also have options like CONFIGPAHOLEHASLANGEXCLUDE.
• s390/cio: check the subchannel validity for dev_busid (bsc#1207526).
• s390/cpum_sf: adjust sampling interval to avoid hitting sample limits (git-fixes bsc#1213827).
• s390/dasd: fix memleak in path handling error case (git-fixes bsc#1213221).
• s390/maccess: add no dat mode to kernel_write (git-fixes bsc#1213825).
• s390/numa: move initial setup of nodetocpumask_map (git-fixes bsc#1213766).
• s390/perf: Change CPUM_CF return code in event init function (git-fixes bsc#1213344).
• s390/perf: Return error when debug_register fails (git-fixes bsc#1212657).
• s390: limit brk randomization to 32MB (git-fixes bsc#1213346).
• scsi: qla2xxx: update version to 10.02.08.400-k (bsc#1213747).
• uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
• uas: ignore UAS for Thinkplus chips (git-fixes).
• ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584).
• ubi: ensure that VID header offset + VID header size <= alloc, size (bsc#1210584).
• udf: Avoid double brelse() in udf_rename() (bsc#1213032).
• udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).
• udf: Define EFSCORRUPTED error code (bsc#1213038).
• udf: Discard preallocation before extending file with a hole (bsc#1213036).
• udf: Do not bother looking for prealloc extents if ilenExtents matches isize (bsc#1213035).
• udf: Do not bother merging very long extents (bsc#1213040).
• udf: Do not update file length for failed writes to inline files (bsc#1213041).
• udf: Drop unused arguments of udfdeleteaext() (bsc#1213033).
• udf: Fix extending file within last block (bsc#1213037).
• udf: Fix preallocation discarding at indirect extent boundary (bsc#1213034).
• udf: Truncate added extents on failed expansion (bsc#1213039).
• update suse/s390-dasd-fix-no-record-found-for-rawtrackaccess (git-fixes bsc#1212266 bsc#1207528).
• update suse/scsi-zfcp-fix-missing-auto-port-scan-and-thus-missing-target-ports (git-fixes bsc#1202670).
• usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
• usrmerge: Adjust module path in the kernel sources (bsc#1212835).
• vfio-ccw: Do not call flush_workqueue while holding the spinlock (git-fixes bsc#1213218).
• vfio-ccw: fence off transport mode (git-fixes bsc#1213215).
• vfio-ccw: prevent quiesce function going into an infinite loop (git-fixes bsc#1213819).
• vfio-ccw: release any channel program when releasing/removing vfio-ccw mdev (git-fixes bsc#1213823).
• writeback: fix call of incorrect macro (bsc#1213024).
• x86/bugs: Enable STIBP for JMP2RET (git-fixes).
• x86/bugs: Remove apostrophe typo (git-fixes).
• x86/bugs: Warn when 'ibrs' mitigation is selected on Enhanced IBRS parts (git-fixes).
• x86/cpu: Load microcode during restoreprocessorstate() (git-fixes).
• x86/delay: Fix the wrong asm constraint in delay_loop() (git-fixes).
• x86/speculation/mmio: Print SMT warning (git-fixes).
• x86: Fix return value of __setup handlers (git-fixes).