Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.6625
Security update for the Linux Kernel
20 December 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Linux Kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2022-45934 CVE-2022-43945 CVE-2022-42896
CVE-2022-42895 CVE-2022-42329 CVE-2022-42328
CVE-2022-41858 CVE-2022-41850 CVE-2022-28693
CVE-2022-4378 CVE-2022-4095 CVE-2022-3903
CVE-2022-3643 CVE-2022-3635 CVE-2022-3628
CVE-2022-3567
Original Bulletin:
https://www.suse.com/support/update/announcement/2022/suse-su-20224566-1
Comment: CVSS (Max): 8.8 CVE-2022-43945 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4566-1
Rating: important
References: #1065729 #1071995 #1106594 #1156395 #1164051 #1184350
#1199365 #1200845 #1201455 #1203183 #1203746 #1203860
#1203960 #1204017 #1204142 #1204414 #1204446 #1204631
#1204636 #1204810 #1204850 #1204868 #1204963 #1205006
#1205128 #1205130 #1205220 #1205234 #1205264 #1205473
#1205514 #1205617 #1205671 #1205705 #1205709 #1205796
#1205901 #1205902 #1205903 #1205904 #1205905 #1205906
#1205907 #1205908 #1206032 #1206037 #1206113 #1206114
#1206117 #1206118 #1206119 #1206120 #1206207 #1206213
Cross-References: CVE-2022-28693 CVE-2022-3567 CVE-2022-3628 CVE-2022-3635
CVE-2022-3643 CVE-2022-3903 CVE-2022-4095 CVE-2022-41850
CVE-2022-41858 CVE-2022-42328 CVE-2022-42329 CVE-2022-42895
CVE-2022-42896 CVE-2022-4378 CVE-2022-43945 CVE-2022-45934
Affected Products:
SUSE Linux Enterprise Desktop 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
SUSE Linux Enterprise High Performance Computing 12-SP5
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Workstation Extension 12-SP5
______________________________________________________________________________
An update that solves 16 vulnerabilities and has 38 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
o CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
o CVE-2022-42328: Guests could trigger denial of service via the netback
driver (bsc#1206114).
o CVE-2022-42329: Guests could trigger denial of service via the netback
driver (bsc#1206113).
o CVE-2022-3643: Guests could trigger NIC interface reset/abort/crash via
netback driver (bsc#1206113).
o CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file
drivers/atm/idt77252.c (bsc#1204631).
o CVE-2022-41850: Fixed a race condition in roccat_report_event() in drivers/
hid/hid-roccat.c (bsc#1203960).
o CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in
l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
o CVE-2022-3628: Fixed potential buffer overflow in brcmf_fweh_event_worker()
in wifi/brcmfmac (bsc#1204868).
o CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/
inet6_dgram_ops() (bsc#1204414).
o CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in drivers/net
/slip (bsc#1205671).
o CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#
1205128).
o CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
o CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB
driver (bsc#1205220).
o CVE-2022-42895: Fixed an information leak in the net/bluetooth/
l2cap_core.c's l2cap_parse_conf_req() which can be used to leak kernel
pointers remotely (bsc#1205705).
o CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/
l2cap_core.c's l2cap_connect() and l2cap_le_connect_req() which may have
allowed code execution and leaking kernel memory (respectively) remotely
via Bluetooth (bsc#1205709).
The following non-security bugs were fixed:
o Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
o Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening
(bsc#1204017, bsc#1205617).
o Drivers: hv: vmbus: Drop error message when 'No request id available' (bsc#
1204017).
o Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero
(bsc#1204017).
o Drivers: hv: vmbus: Fix potential crash on module unload (git-fixes).
o Drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017, bsc#
1205617).
o Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017, bsc#
1205617).
o Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017, bsc#
1205617).
o Drivers: hv: vmbus: Move __vmbus_open() (bsc#1204017).
o Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer
(git-fixes).
o Drivers: hv: vmbus: fix double free in the error path of
vmbus_add_channel_work() (git-fixes).
o Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
(git-fixes).
o FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
(git-fixes).
o FDDI: defxx: Make MMIO the configuration default except for EISA
(git-fixes).
o KVM: s390: Add a routine for setting userspace CPU state (git-fixes).
o KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
o KVM: s390: Fix handle_sske page fault handling (git-fixes).
o KVM: s390: Simplify SIGP Set Arch handling (git-fixes).
o KVM: s390: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
(git-fixes).
o KVM: s390: reduce number of IO pins to 1 (git-fixes).
o KVM: s390: split kvm_s390_logical_to_effective (git-fixes).
o KVM: s390: split kvm_s390_real_to_abs (git-fixes).
o KVM: s390x: fix SCK locking (git-fixes).
o NIU: fix incorrect error return, missed in previous revert (git-fixes).
o PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() (bsc#
1204446).
o PCI: hv: Add validation for untrusted Hyper-V values (bsc#1204017).
o PCI: hv: Drop msi_controller structure (bsc#1204446).
o PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA
topology (bsc#1199365).
o PCI: hv: Fix a race condition when removing the device (bsc#1204446).
o PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
o PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
o PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
o PCI: hv: Fix sleep while in non-sleep context when removing child devices
from the bus (bsc#1204446).
o PCI: hv: Fix synchronization between channel callback and
hv_compose_msi_msg() (bsc#1204017, bsc#1203860, bsc#1205617).
o PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit()
(bsc#1204017, bsc#1205617).
o PCI: hv: Fix the definition of vector in hv_compose_msi_msg() (bsc#
1200845).
o PCI: hv: Make the code arch neutral by adding arch specific interfaces (bsc
#1200845).
o PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
o PCI: hv: Remove bus device removal unused refcount/functions (bsc#1204446).
o PCI: hv: Remove unnecessary use of %hx (bsc#1204446).
o PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845).
o PCI: hv: Support for create interrupt v3 (git-fixes).
o PCI: hv: Use struct_size() helper (bsc#1204446).
o PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus
hardening (bsc#1204017).
o PM: hibernate: fix sparse warnings (git-fixes).
o Xen/gntdev: do not ignore kernel unmapping error (git-fixes).
o add missing bug reference to a hv_netvsc patch file (bsc#1204850).
o always clear the X2APIC_ENABLE bit for PV guest (git-fixes).
o arm/xen: Do not probe xenbus as part of an early initcall (git-fixes).
o ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).
o bfq: Update cgroup information before merging bio (git-fixes).
o blk-mq: add callback of .cleanup_rq (git-fixes).
o blktrace: Trace remapped requests correctly (git-fixes).
o block/bfq: fix ifdef for CONFIG_BFQ_GROUP_IOSCHED=y (git-fixes).
o block: Add a helper to validate the block size (git-fixes).
o block: blk_queue_enter() / __bio_queue_enter() must return -EAGAIN for
nowait (git-fixes).
o block: do not delete queue kobject before its children (git-fixes).
o block: respect queue limit of max discard segment (git-fixes).
o block: rsxx: select CONFIG_CRC32 (git-fixes).
o block: use "unsigned long" for blk_validate_block_size() (git-fixes).
o bnxt_en: Clean up completion ring page arrays completely (git-fixes).
o bnxt_en: Do not use static arrays for completion ring pages (git-fixes).
o bnxt_en: Fix Priority Bytes and Packets counters in ethtool -S (git-fixes).
o bnxt_en: Fix TX timeout when TX ring size is set to the smallest
(git-fixes).
o bnxt_en: Free context memory after disabling PCI in probe error path
(git-fixes).
o bnxt_en: Increase maximum RX ring size if jumbo ring is not used
(git-fixes).
o brd: re-enable __GFP_HIGHMEM in brd_insert_page() (git-fixes).
o can: peak_pci: peak_pci_remove(): fix UAF (git-fixes).
o can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
notification (git-fixes).
o can: rcar_can: fix suspend/resume (git-fixes).
o ceph: check availability of mds cluster on mount after wait timeout (bsc#
1205903).
o ceph: do not skip updating wanted caps when cap is stale (bsc#1205905).
o ceph: fix fscache invalidation (bsc#1205907).
o ceph: fix potential race in ceph_check_caps (bsc#1205906).
o ceph: lockdep annotations for try_nonblocking_invalidate (bsc#1205908).
o ceph: return -EINVAL if given fsc mount option on kernel w/o support (bsc#
1205902).
o ceph: return -ERANGE if virtual xattr value didn't fit in buffer (bsc#
1205901).
o ceph: return ceph_mdsc_do_request() errors from __get_parent() (bsc#
1205904).
o cuse: prevent clone (bsc#1206120).
o cxgb4: dont touch blocked freelist bitmap after free (git-fixes).
o dm era: commit metadata in postsuspend after worker stops (git-fixes).
o dm mirror log: clear log bits up to BITS_PER_LONG boundary (git-fixes).
o dm mpath: remove harmful bio-based optimization (git-fixes).
o dm raid: fix accesses beyond end of raid member array (git-fixes).
o dm raid: fix address sanitizer warning in raid_resume (git-fixes).
o dm raid: fix address sanitizer warning in raid_status (git-fixes).
o dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
(git-fixes).
o dm: return early from dm_pr_call() if DM device is suspended (git-fixes).
o e100: fix buffer overrun in e100_get_regs (git-fixes).
o e100: fix length calculation in e100_get_regs_len (git-fixes).
o floppy: Fix hang in watchdog when disk is ejected (git-fixes).
o ftrace: Fix char print issue in print_ip_ins() (git-fixes).
o ftrace: Fix the possible incorrect kernel message (git-fixes).
o ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
o ftrace: Optimize the allocation for mcount entries (git-fixes).
o fuse: do not check refcount after stealing page (bsc#1206119).
o fuse: retrieve: cap requested size to negotiated max_write (bsc#1206118).
o fuse: use READ_ONCE on congestion_threshold and max_background (bsc#
1206117).
o gianfar: Disable EEE autoneg by default (git-fixes).
o hv_netvsc: Add check for kvmalloc_array (git-fixes).
o hv_netvsc: Add error handling while switching data path (bsc#1204850).
o hv_netvsc: Add validation for untrusted Hyper-V values (bsc#1204017).
o hv_netvsc: Cache the current data path to avoid duplicate call and message
(bsc#1204017).
o hv_netvsc: Check VF datapath when sending traffic to VF (bsc#1204017).
o hv_netvsc: Fix error handling in netvsc_set_features() (git-fixes).
o hv_netvsc: Fix race between VF offering and VF association message from
host (git-fixes).
o hv_netvsc: Print value of invalid ID in netvsc_send_
{completion,tx_complete}() (bsc#1204017).
o hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove (bsc#1204850).
o hv_netvsc: Remove unnecessary round_up for recv_completion_cnt (bsc#
1204017).
o hv_netvsc: Reset the RSC count if NVSP_STAT_FAIL in netvsc_receive() (bsc#
1204017).
o hv_netvsc: Sync offloading features to VF NIC (git-fixes).
o hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
hardening (bsc#1204017).
o hv_netvsc: Wait for completion on request SWITCH_DATA_PATH (bsc#1204017).
o hv_netvsc: use netif_is_bond_master() instead of open code (git-fixes).
o i40e: Fix kernel crash during module removal (git-fixes).
o i40e: Fix reset path while removing the driver (git-fixes).
o i40e: fix endless loop under rtnl (git-fixes).
o ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533 git-fixes).
o ice: Increase control queue timeout (git-fixes).
o igb: Fix position of assignment to *ring (git-fixes).
o igc: Fix use-after-free error during reset (git-fixes).
o igc: change default return of igc_read_phy_reg() (git-fixes).
o ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
o ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
o kexec: turn all kexec_mutex acquisitions into trylocks (git-fixes).
o kprobes/x86/xen: blacklist non-attachable xen interrupt functions
(git-fixes).
o livepatch: Add a missing newline character in klp_module_coming() (bsc#
1071995).
o livepatch: fix race between fork and KLP transition (bsc#1071995).
o macsec: check return value of skb_to_sgvec always (git-fixes).
o macsec: fix memory leaks when skb_to_sgvec fails (git-fixes).
o md/raid5: Ensure stripe_fill happens on non-read IO with journal
(git-fixes).
o md: Replace snprintf with scnprintf (git-fixes, bsc#1164051).
o media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (git-fixes).
o media: ite-cir: IR receiver stop working after receive overflow
(git-fixes).
o media: mceusb: RX -EPIPE (urb status = -32) lockup failure fix (git-fixes).
o media: mceusb: TX -EPIPE (urb status = -32) lockup fix (git-fixes).
o media: mceusb: do not read data parameters unless required (git-fixes).
o media: mceusb: fix inaccurate debug buffer dumps, and misleading debug
messages (git-fixes).
o media: mceusb: sanity check for prescaler value (git-fixes).
o media: mceusb: sporadic RX truncation corruption fix (git-fixes).
o mm, swap, frontswap: fix THP swap if frontswap enabled (git-fixes).
o module: change to print useful messages from elf_validity_check()
(git-fixes).
o module: fix [e_shstrndx].sh_size=0 OOB access (git-fixes).
o module: harden ELF info handling (git-fixes).
o natsemi: sonic: stop calling netdev_boot_setup_check (git-fixes).
o nbd: do not update block size after device is started (git-fixes).
o net/mlx5: E-Switch, Hold mutex when querying drop counter in legacy mode
(git-fixes).
o net/mlx5: Fix flow table chaining (git-fixes).
o net/mlx5e: Fix endianness handling in pedit mask (git-fixes).
o net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).
o net: aquantia: Fix actual speed capabilities reporting (git-fixes).
o net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (git-fixes).
o net: ethernet: arc: fix error handling in emac_rockchip_probe (git-fixes).
o net: ethernet: ti: ale: fix seeing unreg mcast packets with promisc and
allmulti disabled (git-fixes).
o net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit (git-fixes).
o net: hns3: add limit ets dwrr bandwidth cannot be 0 (git-fixes).
o net: hns3: check vlan id before using it (git-fixes).
o net: hns3: disable sriov before unload hclge layer (git-fixes).
o net: hns3: do not allow call hns3_nic_net_open repeatedly (git-fixes).
o net: hns3: fix change RSS 'hfunc' ineffective issue (git-fixes).
o net: hns3: fix kernel crash when unload VF while it is being reset
(git-fixes).
o net: hns3: reset DWRR of unused tc to zero (git-fixes).
o net: hyperv: remove use of bpf_op_t (git-fixes).
o net: ieee802154: adf7242: Fix bug if defined DEBUG (git-fixes).
o net: ieee802154: at86rf230: Stop leaking skb's (git-fixes).
o net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
o net: mdiobus: Fix memory leak in __mdiobus_register (git-fixes).
o net: moxa: fix UAF in moxart_mac_probe (git-fixes).
o net: natsemi: Fix missing pci_disable_device() in probe and remove
(git-fixes).
o net: netvsc: remove break after return (git-fixes).
o net: nxp: lpc_eth.c: avoid hang when bringing interface down (git-fixes).
o net: qcom/emac: fix UAF in emac_remove (git-fixes).
o net: smsc911x: Fix unload crash when link is up (git-fixes).
o net: ti: fix UAF in tlan_remove_one (git-fixes).
o net: xen-netback: fix return type of ndo_start_xmit function (git-fixes).
o nfsd: set the server_scope during service startup (bsc#1203746).
o null_blk: Fix the null_add_dev() error path (git-fixes).
o null_blk: fix ida error handling in null_add_dev() (git-fixes).
o null_blk: fix passing of REQ_FUA flag in null_handle_rq (git-fixes).
o panic, kexec: make __crash_kexec() NMI safe (git-fixes).
o phy: mdio: fix memory leak (git-fixes).
o ptp: dp83640: do not define PAGE0 (git-fixes).
o qed: Fix missing error code in qed_slowpath_start() (git-fixes).
o rbd: fix possible memory leak in rbd_sysfs_init() (git-fixes).
o ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
o ring-buffer: Allow splice to read previous partially read pages
(git-fixes).
o ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
(git-fixes).
o ring-buffer: Check pending waiters when doing wake ups as well (git-fixes).
o ring-buffer: Fix race between reset page and reading page (git-fixes).
o ring_buffer: Do not deactivate non-existant pages (git-fixes).
o s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
o s390/cio: Fix the "type" field in s390_cio_tpi tracepoint (git-fixes).
o s390/cio: dont call css_wait_for_slow_path() inside a lock (git-fixes).
o s390/cpcmd: fix inline assembly register clobbering (git-fixes).
o s390/crash: fix incorrect number of bytes to copy to user space
(git-fixes).
o s390/crash: make copy_oldmem_page() return number of bytes copied
(git-fixes).
o s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).
o s390/ctcm: fix potential memory leak (git-fixes).
o s390/ctcm: fix variable dereferenced before check (git-fixes).
o s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
(git-fixes).
o s390/futex: add missing EX_TABLE entry to __futex_atomic_op() (git-fixes).
o s390/lcs: fix variable dereferenced before check (git-fixes).
o s390/mcck: fix invalid KVM guest condition check (git-fixes).
o s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag
(git-fixes).
o s390/mm: use non-quiescing sske for KVM switch to keyed guest (git-fixes).
o s390/module: fix loading modules with a lot of relocations (git-fixes).
o s390/nmi: handle guarded storage validity failures for KVM guests
(git-fixes).
o s390/nmi: handle vector validity failures for KVM guests (git-fixes).
o s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/
__pcilg_mio_inuser() (git-fixes).
o s390/pkey: fix paes selftest failure with paes and pkey static build
(git-fixes).
o s390/pv: fix the forcing of the swiotlb (git-fixes).
o s390/qdio: cancel the ESTABLISH ccw after timeout (git-fixes).
o s390/qdio: fix roll-back after timeout on ESTABLISH ccw (git-fixes).
o s390/qeth: Fix deadlock in remove_discipline (bsc#1206213 LTC#200742).
o s390/qeth: Fix error handling during VNICC initialization (git-fixes).
o s390/qeth: Fix initialization of vnicc cmd masks during set online
(git-fixes).
o s390/qeth: Fix vnicc_is_in_use if rx_bcast not set (git-fixes).
o s390/qeth: do not defer close_dev work during recovery (bsc#1206213 LTC#
200742).
o s390/qeth: fix NULL deref in qeth_clear_working_pool_list() (git-fixes).
o s390/qeth: fix deadlock during failing recovery (bsc#1206213 LTC#200742).
o s390/qeth: fix false reporting of VNIC CHAR config failure (git-fixes).
o s390/qeth: fix memory leak after failed TX Buffer allocation (git-fixes).
o s390/qeth: fix notification for pending buffers during teardown
(git-fixes).
o s390/qeth: remove driver-wide workqueue (bsc#1206213 LTC#200742).
o s390/qeth: vnicc Fix EOPNOTSUPP precedence (git-fixes).
o s390/qeth: vnicc Fix init to default (git-fixes).
o s390/uaccess: add missing EX_TABLE entries to __clear_user(),
copy_in_user_mvcos(), copy_in_user_mvc(), clear_user_xc() and
__strnlen_user() (git-fixes).
o s390/zcore: fix race when reading from hardware system area (git-fixes).
o s390: Remove arch_has_random, arch_has_random_seed (git-fixes).
o s390: appldata depends on PROC_SYSCTL (git-fixes).
o s390: define get_cycles macro for arch-override (git-fixes).
o s390: fix nospec table alignments (git-fixes).
o sbitmap: fix possible io hung due to lost wakeup (git-fixes).
o scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (git-fixes).
o scsi: ibmvfc: Avoid path failures during live migration (bsc#1065729).
o scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 (bsc#1156395).
o scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (git-fixes).
o scsi: lpfc: Rework MIB Rx Monitor debug info logic (git-fixes).
o scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
o scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
o scsi: qla2xxx: Use transport-defined speed mask for supported_speeds (bsc#
1204963).
o scsi: storvsc: Drop DID_TARGET_FAILURE use (git-fixes).
o scsi: storvsc: Fix max_outstanding_req_per_channel for Win8 and newer (bsc#
1204017).
o scsi: storvsc: Fix validation for unsolicited incoming packets (bsc#
1204017).
o scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (git-fixes).
o scsi: storvsc: Resolve data race in storvsc_probe() (bsc#1204017).
o scsi: storvsc: Use blk_mq_unique_tag() to generate requestIDs (bsc#
1204017).
o scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus
hardening (bsc#1204017).
o scsi: storvsc: Validate length of incoming packet in
storvsc_on_channel_callback() (bsc#1204017).
o scsi: zfcp: Fix double free of FSF request when qdio send fails
(git-fixes).
o scsi: zfcp: Fix missing auto port scan and thus missing target ports
(git-fixes).
o selftests/livepatch: better synchronize test_klp_callbacks_busy (bsc#
1071995).
o sfp: fix RX_LOS signal handling (git-fixes).
o sis900: Fix missing pci_disable_device() in probe and remove (git-fixes).
o sunrpc: Re-purpose trace_svc_process (bsc#1205006).
o tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
o tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
(git-fixes).
o tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
o tracing: Simplify conditional compilation code in tracing_set_tracer()
(git-fixes).
o tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
o tracing: Wake up waiters when tracing is disabled (git-fixes).
o tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
(git-fixes).
o usb: chipidea: udc: check request status before setting device address
(git-fixes).
o usb: musb: Fix suspend with devices connected for a64 (git-fixes).
o vfio/ccw: Do not change FSM state in subchannel event (git-fixes).
o vfio: ccw: fix error return in vfio_ccw_sch_event (git-fixes).
o virtio-blk: Use blk_validate_block_size() to validate block size
(git-fixes).
o virtio/s390: implement virtio-ccw revision 2 correctly (git-fixes).
o virtio_blk: eliminate anonymous module_init & module_exit (git-fixes).
o virtio_net: move tx vq operation under tx queue lock (git-fixes).
o vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
o x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
(bsc#1206037).
o x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
o x86/hyperv: Output host build info as normal Windows version number
(git-fixes).
o x86/hyperv: Set pv_info.name to "Hyper-V" (git-fixes).
o x86/microcode/AMD: Apply the patch early on every logical thread (bsc#
1205264).
o x86/xen: Distribute switch variables for initialization (git-fixes).
o x86/xen: Return from panic notifier (git-fixes).
o x86/xen: do not unbind uninitialized lock_kicker_irq (git-fixes).
o xen-blkback: prevent premature module unload (git-fixes).
o xen-netback: correct success/error reporting for the SKB-with-fraglist case
(git-fixes).
o xen-netfront: remove warning when unloading module (git-fixes).
o xen/balloon: fix balloon initialization for PVH Dom0 (git-fixes).
o xen/balloon: fix balloon kthread freezing (git-fixes).
o xen/balloon: fix ballooned page accounting without hotplug enabled
(git-fixes).
o xen/balloon: fix cancelled balloon action (git-fixes).
o xen/balloon: use a kernel thread instead a workqueue (git-fixes).
o xen/blkback: fix memory leaks (git-fixes).
o xen/efi: Set nonblocking callbacks (git-fixes).
o xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
o xen/gntdev: Fix off-by-one error when unmapping with holes (git-fixes).
o xen/gntdev: Fix partial gntdev_mmap() cleanup (git-fixes).
o xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE (git-fixes).
o xen/gntdev: Prevent leaking grants (git-fixes).
o xen/grant-table: Use put_page instead of free_page (git-fixes).
o xen/pciback: Check dev_data before using it (git-fixes).
o xen/pciback: remove set but not used variable 'old_state' (git-fixes).
o xen/pcpu: fix possible memory leak in register_pcpu() (git-fixes).
o xen/scsiback: add error handling for xenbus_printf (git-fixes).
o xen/xenbus: Fix granting of vmalloc'd memory (git-fixes).
o xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
(git-fixes).
o xen: Fix XenStore initialisation for XS_LOCAL (git-fixes).
o xen: Fix event channel callback via INTX/GSI (git-fixes).
o xen: XEN_ACPI_PROCESSOR is Dom0-only (git-fixes).
o xen: add error handling for xenbus_printf (git-fixes).
o xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
o xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
(git-fixes).
o xen: xenbus: use put_device() instead of kfree() (git-fixes).
o xenbus: req->body should be updated before req->state (git-fixes).
o xenbus: req->err should be updated before req->state (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Workstation Extension 12-SP5:
zypper in -t patch SUSE-SLE-WE-12-SP5-2022-4566=1
o SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-4566=1
o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-4566=1
o SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-4566=1
Please note that this is the initial kernel livepatch without fixes itself,
this package is later updated by seperate standalone kernel livepatch
updates.
o SUSE Linux Enterprise High Availability 12-SP5:
zypper in -t patch SUSE-SLE-HA-12-SP5-2022-4566=1
Package List:
o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
kernel-default-debuginfo-4.12.14-122.144.1
kernel-default-debugsource-4.12.14-122.144.1
kernel-default-extra-4.12.14-122.144.1
kernel-default-extra-debuginfo-4.12.14-122.144.1
o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-4.12.14-122.144.1
kernel-obs-build-debugsource-4.12.14-122.144.1
o SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):
kernel-docs-4.12.14-122.144.1
o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-122.144.1
kernel-default-base-4.12.14-122.144.1
kernel-default-base-debuginfo-4.12.14-122.144.1
kernel-default-debuginfo-4.12.14-122.144.1
kernel-default-debugsource-4.12.14-122.144.1
kernel-default-devel-4.12.14-122.144.1
kernel-syms-4.12.14-122.144.1
o SUSE Linux Enterprise Server 12-SP5 (noarch):
kernel-devel-4.12.14-122.144.1
kernel-macros-4.12.14-122.144.1
kernel-source-4.12.14-122.144.1
o SUSE Linux Enterprise Server 12-SP5 (x86_64):
kernel-default-devel-debuginfo-4.12.14-122.144.1
o SUSE Linux Enterprise Server 12-SP5 (s390x):
kernel-default-man-4.12.14-122.144.1
o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kernel-default-debuginfo-4.12.14-122.144.1
kernel-default-debugsource-4.12.14-122.144.1
kernel-default-kgraft-4.12.14-122.144.1
kernel-default-kgraft-devel-4.12.14-122.144.1
kgraft-patch-4_12_14-122_144-default-1-8.5.1
o SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-122.144.1
cluster-md-kmp-default-debuginfo-4.12.14-122.144.1
dlm-kmp-default-4.12.14-122.144.1
dlm-kmp-default-debuginfo-4.12.14-122.144.1
gfs2-kmp-default-4.12.14-122.144.1
gfs2-kmp-default-debuginfo-4.12.14-122.144.1
kernel-default-debuginfo-4.12.14-122.144.1
kernel-default-debugsource-4.12.14-122.144.1
ocfs2-kmp-default-4.12.14-122.144.1
ocfs2-kmp-default-debuginfo-4.12.14-122.144.1
References:
o https://www.suse.com/security/cve/CVE-2022-28693.html
o https://www.suse.com/security/cve/CVE-2022-3567.html
o https://www.suse.com/security/cve/CVE-2022-3628.html
o https://www.suse.com/security/cve/CVE-2022-3635.html
o https://www.suse.com/security/cve/CVE-2022-3643.html
o https://www.suse.com/security/cve/CVE-2022-3903.html
o https://www.suse.com/security/cve/CVE-2022-4095.html
o https://www.suse.com/security/cve/CVE-2022-41850.html
o https://www.suse.com/security/cve/CVE-2022-41858.html
o https://www.suse.com/security/cve/CVE-2022-42328.html
o https://www.suse.com/security/cve/CVE-2022-42329.html
o https://www.suse.com/security/cve/CVE-2022-42895.html
o https://www.suse.com/security/cve/CVE-2022-42896.html
o https://www.suse.com/security/cve/CVE-2022-4378.html
o https://www.suse.com/security/cve/CVE-2022-43945.html
o https://www.suse.com/security/cve/CVE-2022-45934.html
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1071995
o https://bugzilla.suse.com/1106594
o https://bugzilla.suse.com/1156395
o https://bugzilla.suse.com/1164051
o https://bugzilla.suse.com/1184350
o https://bugzilla.suse.com/1199365
o https://bugzilla.suse.com/1200845
o https://bugzilla.suse.com/1201455
o https://bugzilla.suse.com/1203183
o https://bugzilla.suse.com/1203746
o https://bugzilla.suse.com/1203860
o https://bugzilla.suse.com/1203960
o https://bugzilla.suse.com/1204017
o https://bugzilla.suse.com/1204142
o https://bugzilla.suse.com/1204414
o https://bugzilla.suse.com/1204446
o https://bugzilla.suse.com/1204631
o https://bugzilla.suse.com/1204636
o https://bugzilla.suse.com/1204810
o https://bugzilla.suse.com/1204850
o https://bugzilla.suse.com/1204868
o https://bugzilla.suse.com/1204963
o https://bugzilla.suse.com/1205006
o https://bugzilla.suse.com/1205128
o https://bugzilla.suse.com/1205130
o https://bugzilla.suse.com/1205220
o https://bugzilla.suse.com/1205234
o https://bugzilla.suse.com/1205264
o https://bugzilla.suse.com/1205473
o https://bugzilla.suse.com/1205514
o https://bugzilla.suse.com/1205617
o https://bugzilla.suse.com/1205671
o https://bugzilla.suse.com/1205705
o https://bugzilla.suse.com/1205709
o https://bugzilla.suse.com/1205796
o https://bugzilla.suse.com/1205901
o https://bugzilla.suse.com/1205902
o https://bugzilla.suse.com/1205903
o https://bugzilla.suse.com/1205904
o https://bugzilla.suse.com/1205905
o https://bugzilla.suse.com/1205906
o https://bugzilla.suse.com/1205907
o https://bugzilla.suse.com/1205908
o https://bugzilla.suse.com/1206032
o https://bugzilla.suse.com/1206037
o https://bugzilla.suse.com/1206113
o https://bugzilla.suse.com/1206114
o https://bugzilla.suse.com/1206117
o https://bugzilla.suse.com/1206118
o https://bugzilla.suse.com/1206119
o https://bugzilla.suse.com/1206120
o https://bugzilla.suse.com/1206207
o https://bugzilla.suse.com/1206213
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY6EHT8kNZI30y1K9AQjcFQ//dz0SwXeumLBqSwT0NR8h/py2nbgIrBC4
bJvSHquPi2WekxU7NncvaY2QfI79TZS4sAqVO9Duw3iBxtrzPEZ6Wi/4AXpc/VL2
zq0VACPj6SVP0w24Uqya0fWr3jq0HdZlMHbsMg0nB9P3QVUD6H0weQ0A+OujRhQ6
6JeZzXcdewex/XydlV7ZBnitQUDDtfDjV7U7GzXIshawIZd2xvqBIue8pcvADRaG
uCpAN64fc9Klu8FO/KVD4R+iT2UHLGpLpxtu1RLHyNHR8kE7CxFvO6MC21kkJsk8
908fJbuL++qe7LQBPpQYGlk1J0u+LHfW+RTc/5MeMaZ2W1nbgaf2CIf1BPqtwQFa
uV3z+cTS+dyUctTveJaLwhN8v53B/EOtf4xveDJ1/CG66HGMkrDrnz6Fh9aUBbVm
JWmcqdc9TDNlHR8d3yWEy85Fs0lywvsWN93ZbvnHMKaYOkg/CJ3VCv6O3hDMGUhQ
KoJqoP6NIiizPq7Fiy5yaM2sr1yJnGd2xUCdktQaEN2ru9zLtGWU93f1tUfiASeO
aBX21H2bTGQedfFPMz09cvINAxTltFg5CC33/ZETQRLFbsL81CnOMo6qYdFTn+ge
CNfSQ1447S03DFQvDJbwyIbnz/96TbB5CZq+Wxt0eHdMnPHNJtCw/Sd5a0WOs5pN
MRuuYlSQ/Jo=
=SMB2
-----END PGP SIGNATURE-----