# Security update for the Linux Kernel Announcement ID: SUSE-SU-2023:4731-1 Rating: important References: * bsc#1084909 * bsc#1189998 * bsc#1210447 * bsc#1214286 * bsc#1214976 * bsc#1215124 * bsc#1215292 * bsc#1215420 * bsc#1215458 * bsc#1215710 * bsc#1216058 * bsc#1216105 * bsc#1216259 * bsc#1216584 * bsc#1216693 * bsc#1216759 * bsc#1216761 * bsc#1216844 * bsc#1216861 * bsc#1216909 * bsc#1216959 * bsc#1216965 * bsc#1216976 * bsc#1217036 * bsc#1217068 * bsc#1217086 * bsc#1217124 * bsc#1217140 * bsc#1217195 * bsc#1217200 * bsc#1217205 * bsc#1217332 * bsc#1217366 * bsc#1217515 * bsc#1217598 * bsc#1217599 * bsc#1217609 * bsc#1217687 * bsc#1217731 * bsc#1217780 * jsc#PED-3184 * jsc#PED-5021 * jsc#PED-7237 Cross-References: * CVE-2023-2006 * CVE-2023-25775 * CVE-2023-39197 * CVE-2023-39198 * CVE-2023-4244 * CVE-2023-45863 * CVE-2023-45871 * CVE-2023-46862 * CVE-2023-5158 * CVE-2023-5717 * CVE-2023-6039 * CVE-2023-6176 CVSS scores: * CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Real Time Module 15-SP4 An update that solves 12 vulnerabilities, contains three features and has 28 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332). * CVE-2023-2006: Fixed a race condition in the RxRPC network protocol (bsc#1210447). * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). * CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in drivers/net/usb/lan78xx.c (bsc#1217068). * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). * CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710). * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). * CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). * CVE-2023-25775: Fixed improper access control in the Intel Ethernet Controller RDMA driver (bsc#1216959). * CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo() (bsc#1216693). The following non-security bugs were fixed: * ACPI: FPDT: properly handle invalid FPDT subtables (git-fixes). * ACPI: resource: Do IRQ override on TongFang GMxXGxx (git-fixes). * ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (git-fixes). * ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() (git-fixes). * ALSA: hda/realtek - Add Dell ALC295 to pin fall back table (git-fixes). * ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (git-fixes). * ALSA: hda/realtek: Add quirks for HP Laptops (git-fixes). * ALSA: hda/realtek: Enable Mute LED on HP 255 G10 (git-fixes). * ALSA: hda/realtek: Enable Mute LED on HP 255 G8 (git-fixes). * ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140). * ALSA: hda: Fix possible null-ptr-deref when assigning a stream (git-fixes). * ALSA: hda: cs35l41: Fix unbalanced pm_runtime_get() (git-fixes). * ALSA: hda: cs35l41: Undo runtime PM changes at driver exit time (git-fixes). * ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection (git-fixes). * ALSA: info: Fix potential deadlock at disconnection (git-fixes). * ARM: 9321/1: memset: cast the constant byte to unsigned char (git-fixes). * ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails (git-fixes). * ASoC: ams-delta.c: use component after check (git-fixes). * ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix (git-fixes). * ASoC: cs35l41: Undo runtime PM changes at driver exit time (git-fixes). * ASoC: cs35l41: Verify PM runtime resume errors in IRQ handler (git-fixes). * ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe (git-fixes). * ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not described (git-fixes). * ASoC: hdmi-codec: register hpd callback on component probe (git-fixes). * ASoC: rt5650: fix the wrong result of key button (git-fixes). * ASoC: simple-card: fixup asoc_simple_probe() error handling (git-fixes). * ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (git-fixes). * Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (git-fixes). * Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (git- fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (git- fixes). * Bluetooth: btusb: Add date->evt_skb is NULL check (git-fixes). * Disable Loongson drivers Loongson is a mips architecture, it does not make sense to build Loongson drivers on other architectures. * Documentation: networking: correct possessive "its" (bsc#1215458). * Drivers: hv: vmbus: Remove unused extern declaration vmbus_ontimer() (git- fixes). * Ensure ia32_emulation is always enabled for kernel-obs-build If ia32_emulation is disabled by default, ensure it is enabled back for OBS kernel to allow building 32bit binaries (jsc#PED-3184) [ms: Always pass the parameter, no need to grep through the config which may not be very reliable] * Fix termination state for idr_for_each_entry_ul() (git-fixes). * HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W (git-fixes). * HID: hyperv: Replace one-element array with flexible-array member (git- fixes). * HID: hyperv: avoid struct memcpy overrun warning (git-fixes). * HID: hyperv: remove unused struct synthhid_msg (git-fixes). * HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround (git-fixes). * HID: logitech-hidpp: Do not restart IO, instead defer hid_connect() only (git-fixes). * HID: logitech-hidpp: Move get_wireless_feature_index() check to hidpp_connect_event() (git-fixes). * HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk (git-fixes). * HID: logitech-hidpp: Revert "Do not restart communication if not necessary" (git-fixes). * Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (git-fixes). * Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport (git- fixes). * Input: xpad - add VID for Turtle Beach controllers (git-fixes). * PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common() (git-fixes). * PCI/sysfs: Protect driver's D3cold preference from user space (git-fixes). * PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1215458). * PCI: Extract ATS disabling to a helper function (bsc#1215458). * PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git- fixes). * PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk (git-fixes). * PCI: Use FIELD_GET() to extract Link Width (git-fixes). * PCI: exynos: Do not discard .remove() callback (git-fixes). * PCI: keystone: Do not discard .probe() callback (git-fixes). * PCI: keystone: Do not discard .remove() callback (git-fixes). * PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields (git- fixes). * PM / devfreq: rockchip-dfi: Make pmu regmap mandatory (git-fixes). * PM: hibernate: Use __get_safe_page() rather than touching the list (git- fixes). * USB: dwc2: write HCINT with INTMASK applied (bsc#1214286). * USB: dwc3: qcom: fix ACPI platform device leak (git-fixes). * USB: dwc3: qcom: fix resource leaks on probe deferral (git-fixes). * USB: dwc3: qcom: fix software node leak on probe errors (git-fixes). * USB: dwc3: qcom: fix wakeup after probe deferral (git-fixes). * USB: serial: option: add Fibocom L7xx modules (git-fixes). * USB: serial: option: add Luat Air72*U series products (git-fixes). * USB: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * USB: serial: option: fix FM101R-GL defines (git-fixes). * USB: usbip: fix stub_dev hub disconnect (git-fixes). * arm/xen: fix xen_vcpu_info allocation alignment (git-fixes). * arm64: Add Cortex-A520 CPU part definition (git-fixes) * arm64: allow kprobes on EL0 handlers (git-fixes) * arm64: armv8_deprecated move emulation functions (git-fixes) * arm64: armv8_deprecated: fix unused-function error (git-fixes) * arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes) * arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes) * arm64: armv8_deprecated: rework deprected instruction handling (git-fixes) * arm64: consistently pass ESR_ELx to die() (git-fixes) * arm64: die(): pass 'err' as long (git-fixes) * arm64: factor insn read out of call_undef_hook() (git-fixes) * arm64: factor out EL1 SSBS emulation hook (git-fixes) * arm64: report EL1 UNDEFs better (git-fixes) * arm64: rework BTI exception handling (git-fixes) * arm64: rework EL0 MRS emulation (git-fixes) * arm64: rework FPAC exception handling (git-fixes) * arm64: split EL0/EL1 UNDEF handlers (git-fixes) * ata: pata_isapnp: Add missing error check for devm_ioport_map() (git-fixes). * atl1c: Work around the DMA RX overflow issue (git-fixes). * atm: iphase: Do PCI error checks on own line (git-fixes). * blk-mq: Do not clear driver tags own mapping (bsc#1217366). * blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() (bsc#1217366). * bluetooth: Add device 0bda:887b to device tables (git-fixes). * bluetooth: Add device 13d3:3571 to device tables (git-fixes). * can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is accessed out of bounds (git-fixes). * can: dev: can_restart(): do not crash kernel if carrier is OK (git-fixes). * can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (git-fixes). * can: isotp: add local echo tx processing for consecutive frames (git-fixes). * can: isotp: fix race between isotp_sendsmg() and isotp_release() (git- fixes). * can: isotp: fix tx state handling for echo tx processing (git-fixes). * can: isotp: handle wait_event_interruptible() return values (git-fixes). * can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting (git-fixes). * can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (git- fixes). * can: isotp: remove re-binding of bound socket (git-fixes). * can: isotp: sanitize CAN ID checks in isotp_bind() (git-fixes). * can: isotp: set max PDU size to 64 kByte (git-fixes). * can: isotp: split tx timer into transmission and timeout (git-fixes). * can: sja1000: Fix comment (git-fixes). * clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name (git-fixes). * clk: imx: Select MXC_CLK for CLK_IMX8QXP (git-fixes). * clk: imx: imx8mq: correct error handling path (git-fixes). * clk: imx: imx8qxp: Fix elcdif_pll clock (git-fixes). * clk: keystone: pll: fix a couple NULL vs IS_ERR() checks (git-fixes). * clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data (git-fixes). * clk: npcm7xx: Fix incorrect kfree (git-fixes). * clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies (git-fixes). * clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM (git-fixes). * clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src (git-fixes). * clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks (git- fixes). * clk: qcom: mmcc-msm8998: Do not check halt bit on some branch clks (git- fixes). * clk: qcom: mmcc-msm8998: Fix the SMMU GDSC (git-fixes). * clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped (git-fixes). * clk: ti: Add ti_dt_clk_name() helper to use clock-output-names (git-fixes). * clk: ti: Update component clocks to use ti_dt_clk_name() (git-fixes). * clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name() (git- fixes). * clk: ti: change ti_clk_register_omap_hw API (git-fixes). * clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes). * crypto: caam/jr - fix Chacha20 + Poly1305 self test failure (git-fixes). * crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure (git-fixes). * crypto: hisilicon/hpre - Fix a erroneous check after snprintf() (git-fixes). * dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() (git- fixes). * dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe (git- fixes). * dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes). * dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes). * docs: net: move the probe and open/close sections of driver.rst up (bsc#1215458). * docs: net: reformat driver.rst from a list to sections (bsc#1215458). * docs: net: use C syntax highlight in driver.rst (bsc#1215458). * drm/amd/display: Avoid NULL dereference of timing generator (git-fixes). * drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox (git-fixes). * drm/amd/display: remove useless check in should_enable_fbc() (git-fixes). * drm/amd/display: use full update for clip size increase of large plane source (git-fixes). * drm/amd/pm: Handle non-terminated overdrive commands (git-fixes). * drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (git- fixes). * drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (git-fixes). * drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (git-fixes). * drm/amdgpu: Fix potential null pointer derefernce (git-fixes). * drm/amdgpu: do not use ATRM for external devices (git-fixes). * drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes). * drm/amdgpu: fix software pci_unplug on some chips (git-fixes). * drm/amdkfd: Fix a race condition of vram buffer unref in svm code (git- fixes). * drm/amdkfd: Fix shift out-of-bounds issue (git-fixes). * drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (git-fixes). * drm/bridge: Fix kernel-doc typo in desc of output_bus_cfg in drm_bridge_state (git-fixes). * drm/bridge: lt8912b: Add missing drm_bridge_attach call (git-fixes). * drm/bridge: lt8912b: Fix bridge_detach (git-fixes). * drm/bridge: lt8912b: Fix crash on bridge detach (git-fixes). * drm/bridge: lt8912b: Manually disable HPD only if it was enabled (git- fixes). * drm/bridge: lt8912b: Register and attach our DSI device at probe (git- fixes). * drm/bridge: lt8912b: Switch to devm MIPI-DSI helpers (git-fixes). * drm/bridge: lt9611uxc: Register and attach our DSI device at probe (git- fixes). * drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers (git-fixes). * drm/bridge: lt9611uxc: fix the race in the error path (git-fixes). * drm/bridge: tc358768: Disable non-continuous clock mode (git-fixes). * drm/bridge: tc358768: Fix bit updates (git-fixes). * drm/bridge: tc358768: Fix use of uninitialized variable (git-fixes). * drm/gud: Use size_add() in call to struct_size() (git-fixes). * drm/i915/pmu: Check if pmu is closed before stopping event (git-fixes). * drm/i915: Fix potential spectre vulnerability (git-fixes). * drm/komeda: drop all currently held locks if deadlock happens (git-fixes). * drm/mediatek: Fix iommu fault by swapping FBs after updating plane state (git-fixes). * drm/mediatek: Fix iommu fault during crtc enabling (git-fixes). * drm/mipi-dsi: Create devm device attachment (git-fixes). * drm/mipi-dsi: Create devm device registration (git-fixes). * drm/msm/dp: skip validity check for DP CTS EDID checksum (git-fixes). * drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git- fixes). * drm/panel: fix a possible null pointer dereference (git-fixes). * drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (git-fixes). * drm/panel: simple: Fix Innolux G101ICE-L01 timings (git-fixes). * drm/panel: st7703: Pick different reset sequence (git-fixes). * drm/qxl: prevent memory leak (git-fixes). * drm/radeon: possible buffer overflow (git-fixes). * drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map() (git- fixes). * drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() (git- fixes). * drm/rockchip: vop: Fix call to crtc reset helper (git-fixes). * drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (git- fixes). * drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs (git- fixes). * drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE (git-fixes). * drm/vc4: fix typo (git-fixes). * drm: vmwgfx_surface.c: copy user-array safely (git-fixes). * dt-bindings: usb: hcd: add missing phy name to example (git-fixes). * dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes). * fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes). * fbdev: imsttfb: Fix error path of imsttfb_probe() (git-fixes). * fbdev: imsttfb: Release framebuffer and dealloc cmap on error path (git- fixes). * fbdev: imsttfb: fix a resource leak in probe (git-fixes). * fbdev: imsttfb: fix double free in probe() (git-fixes). * fbdev: omapfb: Drop unused remove function (git-fixes). * firewire: core: fix possible memory leak in create_units() (git-fixes). * firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() (git- fixes). * gpio: mockup: fix kerneldoc (git-fixes). * gpio: mockup: remove unused field (git-fixes). * hid: cp2112: Fix duplicate workqueue initialization (git-fixes). * hv: simplify sysctl registration (git-fixes). * hv_netvsc: Fix race of register_netdevice_notifier and VF register (git- fixes). * hv_netvsc: Mark VF as slave before exposing it to user-mode (git-fixes). * hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (git-fixes). * hv_netvsc: fix race of netvsc and VF register_netdevice (git-fixes). * hwmon: (coretemp) Fix potentially truncated sysfs attribute name (git- fixes). * i2c: aspeed: Fix i2c bus hang in slave read (git-fixes). * i2c: core: Run atomic i2c xfer when !preemptible (git-fixes). * i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (git-fixes). * i2c: dev: copy userspace array safely (git-fixes). * i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git- fixes). * i2c: iproc: handle invalid slave state (git-fixes). * i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes). * i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() (git-fixes). * i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes). * i2c: stm32f7: Fix PEC handling in case of SMBUS transfers (git-fixes). * i2c: sun6i-p2wi: Prevent potential division by zero (git-fixes). * i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs (git- fixes). * i3c: master: cdns: Fix reading status register (git-fixes). * i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data (git- fixes). * i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen (git- fixes). * i3c: master: svc: fix check wrong status register in irq handler (git- fixes). * i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes). * i3c: master: svc: fix race condition in ibi work thread (git-fixes). * i3c: master: svc: fix wrong data return when IBI happen during start frame (git-fixes). * i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler (git- fixes). * i915/perf: Fix NULL deref bugs with drm_dbg() calls (git-fixes). * idpf: add RX splitq napi poll support (bsc#1215458). * idpf: add SRIOV support and other ndo_ops (bsc#1215458). * idpf: add TX splitq napi poll support (bsc#1215458). * idpf: add controlq init and reset checks (bsc#1215458). * idpf: add core init and interrupt request (bsc#1215458). * idpf: add create vport and netdev configuration (bsc#1215458). * idpf: add ethtool callbacks (bsc#1215458). * idpf: add module register and probe functionality (bsc#1215458). * idpf: add ptypes and MAC filter support (bsc#1215458). * idpf: add singleq start_xmit and napi poll (bsc#1215458). * idpf: add splitq start_xmit (bsc#1215458). * idpf: cancel mailbox work in error path (bsc#1215458). * idpf: configure resources for RX queues (bsc#1215458). * idpf: configure resources for TX queues (bsc#1215458). * idpf: fix potential use-after-free in idpf_tso() (bsc#1215458). * idpf: initialize interrupts and enable vport (bsc#1215458). * idpf: set scheduling mode for completion queue (bsc#1215458). * iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale (git- fixes). * iio: adc: xilinx-xadc: Do not clobber preset voltage/temperature thresholds (git-fixes). * iio: exynos-adc: request second interupt only when touchscreen mode is used (git-fixes). * irqchip/stm32-exti: add missing DT IRQ flag translation (git-fixes). * kabi/severities: ignore kabi in rxrpc (bsc#1210447) The rxrpc module is built since SLE15-SP3 but it is not shipped as part of any SLE product, only in Leap (in kernel-*-optional). * kernel-binary: suse-module-tools is also required when installed Requires(pre) adds dependency for the specific sciptlet. However, suse- module-tools also ships modprobe.d files which may be needed at posttrans time or any time the kernel is on the system for generating ramdisk. Add plain Requires as well. * kernel-source: Move provides after sources * kernel/fork: beware of __put_task_struct() calling context (bsc#1189998 (PREEMPT_RT prerequisite backports)). * kernel/fork: beware of __put_task_struct() calling context (bsc#1216761). * leds: pwm: Do not disable the PWM when the LED should be off (git-fixes). * leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' (git-fixes). * leds: turris-omnia: Do not use SMBUS calls (git-fixes). * lsm: fix default return value for inode_getsecctx (git-fixes). * lsm: fix default return value for vm_enough_memory (git-fixes). * media: bttv: fix use after free error due to btv->timeout timer (git-fixes). * media: ccs: Correctly initialise try compose rectangle (git-fixes). * media: ccs: Fix driver quirk struct documentation (git-fixes). * media: cedrus: Fix clock/reset sequence (git-fixes). * media: cobalt: Use FIELD_GET() to extract Link Width (git-fixes). * media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes). * media: i2c: max9286: Fix some redundant of_node_put() calls (git-fixes). * media: imon: fix access to invalid resource for the second interface (git- fixes). * media: lirc: drop trailing space from scancode transmit (git-fixes). * media: qcom: camss: Fix VFE-17x vfe_disable_output() (git-fixes). * media: qcom: camss: Fix missing vfe_lite clocks check (git-fixes). * media: qcom: camss: Fix pm_domain_on sequence in probe (git-fixes). * media: qcom: camss: Fix vfe_get() error jump (git-fixes). * media: sharp: fix sharp encoding (git-fixes). * media: siano: Drop unnecessary error check for debugfs_create_dir/file() (git-fixes). * media: venus: hfi: add checks to handle capabilities from firmware (git- fixes). * media: venus: hfi: add checks to perform sanity on queue pointers (git- fixes). * media: venus: hfi: fix the check to handle session buffer requirement (git- fixes). * media: venus: hfi_parser: Add check to keep the number of codecs within range (git-fixes). * media: vidtv: mux: Add check and kfree for kstrdup (git-fixes). * media: vidtv: psi: Add check for kstrdup (git-fixes). * media: vivid: avoid integer overflow (git-fixes). * mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs (git- fixes). * mfd: core: Ensure disabled devices are skipped without aborting (git-fixes). * mfd: dln2: Fix double put in dln2_probe (git-fixes). * misc: fastrpc: Clean buffers on remote invocation failures (git-fixes). * misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller (git- fixes). * mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#PED-7237, git-fixes). * mmc: block: Be sure to wait while busy in CQE error recovery (git-fixes). * mmc: block: Do not lose cache flush during CQE error recovery (git-fixes). * mmc: block: Retry commands in CQE error recovery (git-fixes). * mmc: cqhci: Fix task clearing in CQE error recovery (git-fixes). * mmc: cqhci: Increase recovery halt timeout (git-fixes). * mmc: cqhci: Warn of halt or task clear failure (git-fixes). * mmc: meson-gx: Remove setting of CMD_CFG_ERROR (git-fixes). * mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2 (git- fixes). * mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER (git- fixes). * mmc: sdhci_am654: fix start loop index for TAP value parsing (git-fixes). * mmc: vub300: fix an error code (git-fixes). * modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host (git-fixes). * mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes). * mtd: cfi_cmdset_0001: Byte swap OTP info (git-fixes). * mtd: rawnand: arasan: Include ECC syndrome along with in-band data while checking for ECC failure (git-fixes). * net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759). * net: Avoid address overwrite in kernel_connect (bsc#1216861). * net: add macro netif_subqueue_completed_wake (bsc#1215458). * net: fix use-after-free in tw_timer_handler (bsc#1217195). * net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() (git-fixes). * net: mana: Fix return type of mana_start_xmit() (git-fixes). * net: piggy back on the memory barrier in bql when waking queues (bsc#1215458). * net: provide macros for commonly copied lockless queue stop/wake code (bsc#1215458). * net: usb: ax88179_178a: fix failed operations during ax88179_reset (git- fixes). * net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git- fixes). * nvme: update firmware version after commit (bsc#1215292). * pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes). * pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() (git-fixes). * pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes). * pinctrl: avoid reload of p state in list iteration (git-fixes). * platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (git- fixes). * platform/x86: wmi: Fix opening of char device (git-fixes). * platform/x86: wmi: Fix probe failure when failing to register WMI devices (git-fixes). * platform/x86: wmi: remove unnecessary initializations (git-fixes). * powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1217780). * pwm: Fix double shift bug (git-fixes). * pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume (git-fixes). * pwm: sti: Reduce number of allocations and drop usage of chip_data (git- fixes). * r8152: Cancel hw_phy_work if we have an error in probe (git-fixes). * r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes). * r8152: Check for unplug in rtl_phy_patch_request() (git-fixes). * r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes). * r8152: Release firmware if we have an error in probe (git-fixes). * r8152: Run the unload routine if we have errors during probe (git-fixes). * regmap: Ensure range selector registers are updated after cache sync (git- fixes). * regmap: debugfs: Fix a erroneous check after snprintf() (git-fixes). * regmap: prevent noinc writes from clobbering cache (git-fixes). * s390/ap: fix AP bus crash on early config change callback invocation (git- fixes bsc#1217687). * s390/cio: unregister device when the only path is gone (git-fixes bsc#1217609). * s390/cmma: fix detection of DAT pages (LTC#203997 bsc#1217086). * s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203997 bsc#1217086). * s390/cmma: fix initial kernel address space page table walk (LTC#203997 bsc#1217086). * s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217205). * s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629 bsc#1215124). * s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217515). * s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217598). * s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976 git-fixes). * s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203997 bsc#1217086). * s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203997 bsc#1217086). * s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200). * s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217599). * sbsa_gwdt: Calculate timeout with 64-bit math (git-fixes). * scsi: lpfc: Copyright updates for 14.2.0.16 patches (bsc#1217731). * scsi: lpfc: Correct maximum PCI function value for RAS fw logging (bsc#1217731). * scsi: lpfc: Eliminate unnecessary relocking in lpfc_check_nlp_post_devloss() (bsc#1217731). * scsi: lpfc: Enhance driver logging for selected discovery events (bsc#1217731). * scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() (bsc#1217731). * scsi: lpfc: Fix possible file string name overflow when updating firmware (bsc#1217731). * scsi: lpfc: Introduce LOG_NODE_VERBOSE messaging flag (bsc#1217124). * scsi: lpfc: Refactor and clean up mailbox command memory free (bsc#1217731). * scsi: lpfc: Reject received PRLIs with only initiator fcn role for NPIV ports (bsc#1217124). * scsi: lpfc: Remove unnecessary zero return code assignment in lpfc_sli4_hba_setup (bsc#1217124). * scsi: lpfc: Return early in lpfc_poll_eratt() when the driver is unloading (bsc#1217731). * scsi: lpfc: Treat IOERR_SLI_DOWN I/O completion status the same as pci offline (bsc#1217124). * scsi: lpfc: Update lpfc version to 14.2.0.15 (bsc#1217124). * scsi: lpfc: Update lpfc version to 14.2.0.16 (bsc#1217731). * scsi: lpfc: Validate ELS LS_ACC completion payload (bsc#1217124). * scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes). * scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git- fixes). * selftests/efivarfs: create-read: fix a resource leak (git-fixes). * selftests/pidfd: Fix ksft print formats (git-fixes). * selftests/resctrl: Ensure the benchmark commands fits to its array (git- fixes). * selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests (git- fixes). * selftests/resctrl: Remove duplicate feature check from CMT test (git-fixes). * seq_buf: fix a misleading comment (git-fixes). * serial: exar: Revert "serial: exar: Add support for Sealevel 7xxxC serial cards" (git-fixes). * serial: meson: Use platform_get_irq() to get the interrupt (git-fixes). * soc: qcom: llcc: Handle a second device without data corruption (git-fixes). * spi: nxp-fspi: use the correct ioremap function (git-fixes). * spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes). * spi: tegra: Fix missing IRQ check in tegra_slink_probe() (git-fixes). * staging: media: ipu3: remove ftrace-like logging (git-fixes). * string.h: add array-wrappers for (v)memdup_user() (git-fixes). * supported.conf: marked idpf supported * thermal: core: prevent potential string overflow (git-fixes). * treewide: Spelling fix in comment (git-fixes). * tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes). * tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks (git-fixes). * tty: 8250: Add support for Brainboxes UP cards (git-fixes). * tty: 8250: Add support for Intashield IS-100 (git-fixes). * tty: 8250: Add support for Intashield IX cards (git-fixes). * tty: 8250: Add support for additional Brainboxes PX cards (git-fixes). * tty: 8250: Add support for additional Brainboxes UC cards (git-fixes). * tty: 8250: Fix port count of PX-257 (git-fixes). * tty: 8250: Fix up PX-803/PX-857 (git-fixes). * tty: 8250: Remove UC-257 and UC-431 (git-fixes). * tty: Fix uninit-value access in ppp_sync_receive() (git-fixes). * tty: n_gsm: fix race condition in status line change on dead connections (git-fixes). * tty: serial: meson: fix hard LOCKUP on crtscts mode (git-fixes). * tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes). * tty: vcc: Add check for kstrdup() in vcc_probe() (git-fixes). * usb: cdnsp: Fix deadlock issue during using NCM gadget (git-fixes). * usb: chipidea: Fix DMA overwrite for Tegra (git-fixes). * usb: chipidea: Simplify Tegra DMA alignment code (git-fixes). * usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (git-fixes). * usb: dwc3: Fix default mode initialization (git-fixes). * usb: dwc3: set the dma max_seg_size (git-fixes). * usb: gadget: f_ncm: Always set current gadget in ncm_bind() (git-fixes). * usb: raw-gadget: properly handle interrupted requests (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (git- fixes). * usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes). * virtchnl: add virtchnl version 2 ops (bsc#1215458). * wifi: ath10k: Do not touch the CE interrupt registers after power up (git- fixes). * wifi: ath10k: fix clang-specific fortify warning (git-fixes). * wifi: ath11k: debugfs: fix to work with multiple PCI devices (git-fixes). * wifi: ath11k: fix dfs radar event locking (git-fixes). * wifi: ath11k: fix htt pktlog locking (git-fixes). * wifi: ath11k: fix temperature event locking (git-fixes). * wifi: ath9k: fix clang-specific fortify warnings (git-fixes). * wifi: iwlwifi: Use FW rate for non-data frames (git-fixes). * wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git- fixes). * wifi: iwlwifi: empty overflow queue during flush (git-fixes). * wifi: iwlwifi: honor the enable_ini value (git-fixes). * wifi: iwlwifi: pcie: synchronize IRQs before NAPI (git-fixes). * wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git- fixes). * wifi: mac80211: fix # of MSDU in A-MSDU calculation (git-fixes). * wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes). * wifi: rtlwifi: fix EDCA limit set by BT coexistence (git-fixes). * wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes). * x86/alternative: Add a __alt_reloc_selftest() prototype (git-fixes). * x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes). * x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (git- fixes). * x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define (git-fixes). * x86/hyperv: Improve code for referencing hyperv_pcpu_input_arg (git-fixes). * x86/hyperv: Make hv_get_nmi_reason public (git-fixes). * x86/hyperv: fix a warning in mshyperv.h (git-fixes). * x86/sev: Do not try to parse for the CC blob on non-AMD hardware (git- fixes). * x86/sev: Fix calculation of end address based on number of pages (git- fixes). * x86/sev: Use the GHCB protocol when available for SNP CPUID requests (git- fixes). * x86: Move gds_ucode_mitigated() declaration to header (git-fixes). * xfs: add attr state machine tracepoints (git-fixes). * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). * xfs: constify btree function parameters that are not modified (git-fixes). * xfs: convert AGF log flags to unsigned (git-fixes). * xfs: convert AGI log flags to unsigned (git-fixes). * xfs: convert attr type flags to unsigned (git-fixes). * xfs: convert bmap extent type flags to unsigned (git-fixes). * xfs: convert bmapi flags to unsigned (git-fixes). * xfs: convert btree buffer log flags to unsigned (git-fixes). * xfs: convert buffer flags to unsigned (git-fixes). * xfs: convert buffer log item flags to unsigned (git-fixes). * xfs: convert da btree operations flags to unsigned (git-fixes). * xfs: convert dquot flags to unsigned (git-fixes). * xfs: convert inode lock flags to unsigned (git-fixes). * xfs: convert log item tracepoint flags to unsigned (git-fixes). * xfs: convert log ticket and iclog flags to unsigned (git-fixes). * xfs: convert quota options flags to unsigned (git-fixes). * xfs: convert scrub type flags to unsigned (git-fixes). * xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "count" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "len" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes). * xfs: make the key parameters to all btree key comparison functions const (git-fixes). * xfs: make the key parameters to all btree query range functions const (git- fixes). * xfs: make the keys and records passed to btree inorder functions const (git- fixes). * xfs: make the pointer passed to btree set_root functions const (git-fixes). * xfs: make the start pointer passed to btree alloc_block functions const (git-fixes). * xfs: make the start pointer passed to btree update_lastrec functions const (git-fixes). * xfs: mark the record passed into btree init_key functions as const (git- fixes). * xfs: mark the record passed into xchk_btree functions as const (git-fixes). * xfs: remove xfs_btree_cur_t typedef (git-fixes). * xfs: rename i_disk_size fields in ftrace output (git-fixes). * xfs: resolve fork names in trace output (git-fixes). * xfs: standardize AG block number formatting in ftrace output (git-fixes). * xfs: standardize AG number formatting in ftrace output (git-fixes). * xfs: standardize daddr formatting in ftrace output (git-fixes). * xfs: standardize inode generation formatting in ftrace output (git-fixes). * xfs: standardize inode number formatting in ftrace output (git-fixes). * xfs: standardize remaining xfs_buf length tracepoints (git-fixes). * xfs: standardize rmap owner number formatting in ftrace output (git-fixes). * xhci: Enable RPM on controllers that support low-power states (git-fixes). * xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-4731=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2023-4731=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4731=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4731=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4731=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4731=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4731=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-4731=1 * SUSE Real Time Module 15-SP4 zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2023-4731=1 ## Package List: * openSUSE Leap Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * openSUSE Leap Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * openSUSE Leap Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * openSUSE Leap Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * openSUSE Leap 15.4 (x86_64) * cluster-md-kmp-rt-5.14.21-150400.15.62.1 * dlm-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * ocfs2-kmp-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * kernel-syms-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.62.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * gfs2-kmp-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-debugsource-5.14.21-150400.15.62.1 * kernel-rt-devel-5.14.21-150400.15.62.1 * kernel-rt_debug-devel-5.14.21-150400.15.62.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-devel-debuginfo-5.14.21-150400.15.62.1 * dlm-kmp-rt-5.14.21-150400.15.62.1 * gfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * openSUSE Leap 15.4 (noarch) * kernel-source-rt-5.14.21-150400.15.62.1 * kernel-devel-rt-5.14.21-150400.15.62.1 * openSUSE Leap 15.4 (nosrc x86_64) * kernel-rt_debug-5.14.21-150400.15.62.1 * kernel-rt-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64) * kernel-livepatch-5_14_21-150400_15_62-rt-1-150400.1.3.1 * kernel-livepatch-5_14_21-150400_15_62-rt-debuginfo-1-150400.1.3.1 * kernel-livepatch-SLE15-SP4-RT_Update_16-debugsource-1-150400.1.3.1 * SUSE Real Time Module 15-SP4 (x86_64) * cluster-md-kmp-rt-5.14.21-150400.15.62.1 * dlm-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debuginfo-5.14.21-150400.15.62.1 * ocfs2-kmp-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-debugsource-5.14.21-150400.15.62.1 * kernel-syms-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.62.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * gfs2-kmp-rt-5.14.21-150400.15.62.1 * kernel-rt_debug-debugsource-5.14.21-150400.15.62.1 * kernel-rt-devel-5.14.21-150400.15.62.1 * kernel-rt_debug-devel-5.14.21-150400.15.62.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * kernel-rt-devel-debuginfo-5.14.21-150400.15.62.1 * dlm-kmp-rt-5.14.21-150400.15.62.1 * gfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1 * SUSE Real Time Module 15-SP4 (noarch) * kernel-source-rt-5.14.21-150400.15.62.1 * kernel-devel-rt-5.14.21-150400.15.62.1 * SUSE Real Time Module 15-SP4 (nosrc x86_64) * kernel-rt_debug-5.14.21-150400.15.62.1 * kernel-rt-5.14.21-150400.15.62.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2006.html * https://www.suse.com/security/cve/CVE-2023-25775.html * https://www.suse.com/security/cve/CVE-2023-39197.html * https://www.suse.com/security/cve/CVE-2023-39198.html * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-45863.html * https://www.suse.com/security/cve/CVE-2023-45871.html * https://www.suse.com/security/cve/CVE-2023-46862.html * https://www.suse.com/security/cve/CVE-2023-5158.html * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2023-6039.html * https://www.suse.com/security/cve/CVE-2023-6176.html * https://bugzilla.suse.com/show_bug.cgi?id=1084909 * https://bugzilla.suse.com/show_bug.cgi?id=1189998 * https://bugzilla.suse.com/show_bug.cgi?id=1210447 * https://bugzilla.suse.com/show_bug.cgi?id=1214286 * https://bugzilla.suse.com/show_bug.cgi?id=1214976 * https://bugzilla.suse.com/show_bug.cgi?id=1215124 * https://bugzilla.suse.com/show_bug.cgi?id=1215292 * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1215458 * https://bugzilla.suse.com/show_bug.cgi?id=1215710 * https://bugzilla.suse.com/show_bug.cgi?id=1216058 * https://bugzilla.suse.com/show_bug.cgi?id=1216105 * https://bugzilla.suse.com/show_bug.cgi?id=1216259 * https://bugzilla.suse.com/show_bug.cgi?id=1216584 * https://bugzilla.suse.com/show_bug.cgi?id=1216693 * https://bugzilla.suse.com/show_bug.cgi?id=1216759 * https://bugzilla.suse.com/show_bug.cgi?id=1216761 * https://bugzilla.suse.com/show_bug.cgi?id=1216844 * https://bugzilla.suse.com/show_bug.cgi?id=1216861 * https://bugzilla.suse.com/show_bug.cgi?id=1216909 * https://bugzilla.suse.com/show_bug.cgi?id=1216959 * https://bugzilla.suse.com/show_bug.cgi?id=1216965 * https://bugzilla.suse.com/show_bug.cgi?id=1216976 * https://bugzilla.suse.com/show_bug.cgi?id=1217036 * https://bugzilla.suse.com/show_bug.cgi?id=1217068 * https://bugzilla.suse.com/show_bug.cgi?id=1217086 * https://bugzilla.suse.com/show_bug.cgi?id=1217124 * https://bugzilla.suse.com/show_bug.cgi?id=1217140 * https://bugzilla.suse.com/show_bug.cgi?id=1217195 * https://bugzilla.suse.com/show_bug.cgi?id=1217200 * https://bugzilla.suse.com/show_bug.cgi?id=1217205 * https://bugzilla.suse.com/show_bug.cgi?id=1217332 * https://bugzilla.suse.com/show_bug.cgi?id=1217366 * https://bugzilla.suse.com/show_bug.cgi?id=1217515 * https://bugzilla.suse.com/show_bug.cgi?id=1217598 * https://bugzilla.suse.com/show_bug.cgi?id=1217599 * https://bugzilla.suse.com/show_bug.cgi?id=1217609 * https://bugzilla.suse.com/show_bug.cgi?id=1217687 * https://bugzilla.suse.com/show_bug.cgi?id=1217731 * https://bugzilla.suse.com/show_bug.cgi?id=1217780 * https://jira.suse.com/browse/PED-3184 * https://jira.suse.com/browse/PED-5021 * https://jira.suse.com/browse/PED-7237