The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
- CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).
- CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ (bsc#1213287).
- CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
- CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586).
- CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585).
- CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).
The following non-security bugs were fixed:
- fix double fget() in vhost_net_set_backend() (git-fixes).
- nfsv4.1: always send a reclaim_complete after establishing lease (git-fixes).
- sunrpc: fix uaf in svc_tcp_listen_data_ready() (git-fixes).
- sunrpc: remove the maximum number of retries in call_bind_status (git-fixes).
- update suse/s390-dasd-fix-no-record-found-for-raw_track_access (git-fixes bsc#1212266 bsc#1207528).
- update suse/scsi-zfcp-fix-missing-auto-port-scan-and-thus-missing-target-ports (git-fixes bsc#1202670).
- block: fix a source code comment in include/uapi/linux/blkzoned.h (git-fixes).
- kabi fix test
- kernel-binary.spec.in: remove superfluous %% in supplements fixes: 02b7735e0caf ('rpm/kernel-binary.spec.in: add enhances and supplements tags to in-tree kmps')
- livepatch: check kzalloc return values (git-fixes).
- media: videodev2.h: fix struct v4l2_input tuner index comment (git-fixes).
- net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).
- net: skip virtio_net_hdr_set_proto if protocol already set (git-fixes).
- net: virtio_net_hdr_to_skb: count transport header in ufo (git-fixes).
- nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes).
-...