The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
CVE-2023-51780: Fixed a use-after-free in dovccioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
CVE-2021-33631: Fixed an integer overflow in ext4writeinlinedataend() (bsc#1219412).
CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
CVE-2024-0775: Fixed use-after-free in _ext4remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within nf_tables_newtable function (bsc#1218752).
CVE-2023-51782: Fixed use-after-free in roseioctl in net/rose/afrose.c because of a rose_accept race condition (bsc#1218757).
CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhostnewmsg() (bsc#1218689).
CVE-2023-51042: Fixed use-after-free in amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).
The following non-security bugs were fixed:
Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
9p: missing chunk of 'fs/9p: Do not update file type when updating file attributes' (git-fixes).
gfs2: take jdata unstuff into account in do_grow (git-fixes).
gfs2atomicopen(): fix OEXCL|OCREAT handling on cold dcache (git-fixes).
gtp: change NETUDPTUNNEL dependency to select (git-fixes).
help_next should increase position index (git-fixes).
iomap: sub-block dio needs to zeroout beyond EOF (git-fixes).
kernfs: Separate kernfsprcontbuf and renamelock (git-fixes).
kernfs: bring names in comments in line with code (git-fixes).
kernfs: fix use-after-free in _kernfsremove (git-fixes).
libceph: use kernel_connect() (bsc#1219446).
libnvdimm/btt: Fix LBA masking during 'free list' population (git-fixes).
libnvdimm/btt: Fix a kmemdup failure check (git-fixes).
libnvdimm/btt: Remove unnecessary code in bttfreelistinit (git-fixes).
libnvdimm/btt: fix variable 'rc' set but not used (git-fixes).
libnvdimm/namespace: Fix a potential NULL pointer dereference (git-fixes).
libnvdimm/ofpmem: Use devmkstrdup instead of kstrdup and check its return value (git-fixes).
libnvdimm/pmem: Delete include of nd-core.h (git-fixes).
libnvdimm/pmem: fix a possible OOB access when read and write pmem (git-fixes).
libnvdimm/region: Fix label activation vs errors (git-fixes).
libnvdimm: Fix compilation warnings with W=1 (git-fixes).
libnvdimm: Out of bounds read in _ndioctl() (git-fixes).
libnvdimm: Validate command family indices (git-fixes).
libnvdimm: cover up changes in struct nvdimmbusdescriptor (git-fixes).
locks: print a warning when mount fails due to lack of 'mand' support (git-fixes).
mce: fix setmcenospec to always unmap the whole page (git-fixes).
mkspec: Include constraints for both multibuild and plain package always There is no need to check for multibuild flag, the constraints can be always generated for both cases.
mlx4: handle non-napi callers to napi_poll (git-fixes).