Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:3006-1
Rating:	important
References:	bsc#1150305 bsc#1173438 bsc#1202716 bsc#1205496 bsc#1207617 bsc#1207620 bsc#1207629 bsc#1207630 bsc#1207633 bsc#1207634 bsc#1207653 bsc#1208788 bsc#1210584 bsc#1210765 bsc#1210766 bsc#1210771 bsc#1211867 bsc#1212301 bsc#1212657 bsc#1212741 bsc#1212835 bsc#1212871 bsc#1212905 bsc#1212986 bsc#1212987 bsc#1212988 bsc#1212989 bsc#1212990 bsc#1213010 bsc#1213011 bsc#1213012 bsc#1213013 bsc#1213014 bsc#1213015 bsc#1213017 bsc#1213018 bsc#1213019 bsc#1213020 bsc#1213021 bsc#1213022 bsc#1213023 bsc#1213024 bsc#1213025 bsc#1213032 bsc#1213033 bsc#1213034 bsc#1213035 bsc#1213036 bsc#1213037 bsc#1213038 bsc#1213039 bsc#1213040 bsc#1213041 bsc#1213042 bsc#1213059 bsc#1213133 bsc#1213215 bsc#1213218 bsc#1213221 bsc#1213286 bsc#1213344 bsc#1213346 bsc#1213525
Cross-References:	CVE-2023-20593 CVE-2023-2985 CVE-2023-35001
CVSS scores:	CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-2985 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-2985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-35001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-35001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Real Time 12 SP5 SUSE Linux Enterprise Server 12 SP5

An update that solves three vulnerabilities and has 60 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
• CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).
• CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059).

The following non-security bugs were fixed:

• Get module prefix from kmod (bsc#1212835).
• USB: add NO_LPM quirk for Realforce 87U Keyboard (git-fixes).
• USB: core: add quirk for Alcor Link AK9563 smartcard reader (git-fixes).
• USB: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
• USB: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).
• USB: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (git-fixes).
• USB: serial: option: add Fibocom FM160 0x0111 composition (git-fixes).
• USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
• USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
• USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
• USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
• blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration (bsc#1213022).
• btrfs: fix resolving backrefs for inline extent followed by prealloc (bsc#1213133).
• dlm: Delete an unnecessary variable initialisation in dlm_ls_start() (git-fixes).
• dlm: NULL check before kmem_cache_destroy is not needed (git-fixes).
• dlm: fix invalid cluster name warning (git-fixes).
• dlm: fix missing idr_destroy for recover_idr (git-fixes).
• dlm: fix missing lkb refcount handling (git-fixes).
• dlm: fix plock invalid read (git-fixes).
• dlm: fix possible call to kfree() for non-initialized pointer (git-fixes).
• ext4: Fix reusing stale buffer heads from last failed mounting (bsc#1213020).
• ext4: add inode table check in __ext4_get_inode_loc to aovid possible infinite loop (bsc#1207617).
• ext4: avoid BUG_ON when creating xattrs (bsc#1205496).
• ext4: avoid unaccounted block allocation when expanding inode (bsc#1207634).
• ext4: bail out of ext4_xattr_ibody_get() fails for any reason (bsc#1213018).
• ext4: fail ext4_iget if special inode unallocated (bsc#1213010).
• ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).
• ext4: fix WARNING in ext4_update_inline_data (bsc#1213012).
• ext4: fix bug_on in __es_tree_search caused by bad boot loader inode (bsc#1207620).
• ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).
• ext4: fix deadlock due to mbcache entry corruption (bsc#1207653).
• ext4: fix error code return to user-space in ext4_get_branch() (bsc#1207630).
• ext4: fix i_disksize exceeding i_size problem in paritally written case (bsc#1213015).
• ext4: fix to check return value of freeze_bdev() in ext4_shutdown() (bsc#1213021).
• ext4: improve error recovery code paths in __ext4_remount() (bsc#1213017).
• ext4: init quota for 'old.inode' in 'ext4_rename' (bsc#1207629).
• ext4: initialize quota before expanding inode in setproject ioctl (bsc#1207633).
• ext4: move where set the MAY_INLINE_DATA flag is set (bsc#1213011).
• ext4: only update i_reserved_data_blocks on successful block allocation (bsc#1213019).
• ext4: zero i_disksize when initializing the bootloader inode (bsc#1213013).
• fs: dlm: cancel work sync othercon (git-fixes).
• fs: dlm: filter user dlm messages for kernel locks (git-fixes).
• fs: dlm: fix configfs memory leak (git-fixes).
• fs: dlm: fix debugfs dump (git-fixes).
• fs: dlm: fix memory leak when fenced (git-fixes).
• fs: dlm: fix race between test_bit() and queue_work() (git-fixes).
• fs: dlm: handle -EBUSY first in lock arg validation (git-fixes).
• fs: fix guard_bio_eod to check for real EOD errors (bsc#1213042).
• fs: prevent BUG_ON in submit_bh_wbc() (bsc#1212990).
• fuse: revalidate: do not invalidate if interrupted (bsc#1213525).
• igb: revert rtnl_lock() that causes deadlock (git-fixes).
• include/trace/events/writeback.h: fix -Wstringop-truncation warnings (bsc#1213023).
• inotify: Avoid reporting event with invalid wd (bsc#1213025).
• jbd2: Fix statistics for the number of logged blocks (bsc#1212988).
• jbd2: abort journal if free a async write error metadata buffer (bsc#1212989).
• jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (bsc#1202716).
• jbd2: fix data races at struct journal_head (bsc#1173438).
• jbd2: fix invalid descriptor block checksum (bsc#1212987).
• jbd2: fix race when writing superblock (bsc#1212986).
• jdb2: Do not refuse invalidation of already invalidated buffers (bsc#1213014).
• kernel-docs: Add buildrequires on python3-base when using python3 The python3 binary is provided by python3-base.
• kernel-docs: Use python3 together with python3-Sphinx (bsc#1212741).
• lib/string: Add strscpy_pad() function (bsc#1213023).
• mbcache: Fixup kABI of mb_cache_entry (bsc#1207653).
• memcg: drop kmem.limit_in_bytes (bsc#1208788, bsc#1212905).
• memcg: fix a crash in wb_workfn when a device disappears (bsc#1213023).
• net: mana: Add support for vlan tagging (bsc#1212301).
• ocfs2: check new file size on fallocate call (git-fixes).
• ocfs2: fix use-after-free when unmounting read-only filesystem (git-fixes).
• powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary (bsc#1150305 ltc#176097 git-fixes).
• rpm/check-for-config-changes: ignore also PAHOLE_HAS_* We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE.
• s390/dasd: fix memleak in path handling error case (git-fixes bsc#1213221).
• s390/perf: Change CPUM_CF return code in event init function (git-fixes bsc#1213344).
• s390/perf: Return error when debug_register fails (git-fixes bsc#1212657).
• s390: limit brk randomization to 32MB (git-fixes bsc#1213346).
• uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
• uas: ignore UAS for Thinkplus chips (git-fixes).
• ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584).
• ubi: ensure that VID header offset + VID header size <= alloc, size (bsc#1210584).
• udf: Avoid double brelse() in udf_rename() (bsc#1213032).
• udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).
• udf: Define EFSCORRUPTED error code (bsc#1213038).
• udf: Discard preallocation before extending file with a hole (bsc#1213036).
• udf: Do not bother looking for prealloc extents if i_lenExtents matches i_size (bsc#1213035).
• udf: Do not bother merging very long extents (bsc#1213040).
• udf: Do not update file length for failed writes to inline files (bsc#1213041).
• udf: Drop unused arguments of udf_delete_aext() (bsc#1213033).
• udf: Fix extending file within last block (bsc#1213037).
• udf: Fix preallocation discarding at indirect extent boundary (bsc#1213034).
• udf: Truncate added extents on failed expansion (bsc#1213039).
• usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
• usrmerge: Adjust module path in the kernel sources (bsc#1212835).
• vfio-ccw: Do not call flush_workqueue while holding the spinlock (git-fixes bsc#1213218).
• vfio-ccw: fence off transport mode (git-fixes bsc#1213215).
• writeback: fix call of incorrect macro (bsc#1213024).
• x86/bugs: Enable STIBP for JMP2RET (git-fixes).
• x86/bugs: Remove apostrophe typo (git-fixes).
• x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts (git-fixes).
• x86/cpu: Load microcode during restore_processor_state() (git-fixes).
• x86/delay: Fix the wrong asm constraint in delay_loop() (git-fixes).
• x86/speculation/mmio: Print SMT warning (git-fixes).
• x86: Fix return value of __setup handlers (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Real Time 12 SP5
  zypper in -t patch SUSE-SLE-RT-12-SP5-2023-3006=1

Package List:

• SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
  • ocfs2-kmp-rt-debuginfo-4.12.14-10.133.1
  • dlm-kmp-rt-4.12.14-10.133.1
  • ocfs2-kmp-rt-4.12.14-10.133.1
  • cluster-md-kmp-rt-debuginfo-4.12.14-10.133.1
  • kernel-rt-devel-debuginfo-4.12.14-10.133.1
  • kernel-rt_debug-devel-debuginfo-4.12.14-10.133.1
  • kernel-rt-debugsource-4.12.14-10.133.1
  • dlm-kmp-rt-debuginfo-4.12.14-10.133.1
  • kernel-rt-base-4.12.14-10.133.1
  • gfs2-kmp-rt-4.12.14-10.133.1
  • kernel-rt-debuginfo-4.12.14-10.133.1
  • kernel-rt_debug-debuginfo-4.12.14-10.133.1
  • gfs2-kmp-rt-debuginfo-4.12.14-10.133.1
  • cluster-md-kmp-rt-4.12.14-10.133.1
  • kernel-rt-base-debuginfo-4.12.14-10.133.1
  • kernel-rt-devel-4.12.14-10.133.1
  • kernel-rt_debug-devel-4.12.14-10.133.1
  • kernel-rt_debug-debugsource-4.12.14-10.133.1
  • kernel-syms-rt-4.12.14-10.133.1
• SUSE Linux Enterprise Real Time 12 SP5 (noarch)
  • kernel-source-rt-4.12.14-10.133.1
  • kernel-devel-rt-4.12.14-10.133.1
• SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
  • kernel-rt_debug-4.12.14-10.133.1
  • kernel-rt-4.12.14-10.133.1

References:

• https://www.suse.com/security/cve/CVE-2023-20593.html
• https://www.suse.com/security/cve/CVE-2023-2985.html
• https://www.suse.com/security/cve/CVE-2023-35001.html
• https://bugzilla.suse.com/show_bug.cgi?id=1150305
• https://bugzilla.suse.com/show_bug.cgi?id=1173438
• https://bugzilla.suse.com/show_bug.cgi?id=1202716
• https://bugzilla.suse.com/show_bug.cgi?id=1205496
• https://bugzilla.suse.com/show_bug.cgi?id=1207617
• https://bugzilla.suse.com/show_bug.cgi?id=1207620
• https://bugzilla.suse.com/show_bug.cgi?id=1207629
• https://bugzilla.suse.com/show_bug.cgi?id=1207630
• https://bugzilla.suse.com/show_bug.cgi?id=1207633
• https://bugzilla.suse.com/show_bug.cgi?id=1207634
• https://bugzilla.suse.com/show_bug.cgi?id=1207653
• https://bugzilla.suse.com/show_bug.cgi?id=1208788
• https://bugzilla.suse.com/show_bug.cgi?id=1210584
• https://bugzilla.suse.com/show_bug.cgi?id=1210765
• https://bugzilla.suse.com/show_bug.cgi?id=1210766
• https://bugzilla.suse.com/show_bug.cgi?id=1210771
• https://bugzilla.suse.com/show_bug.cgi?id=1211867
• https://bugzilla.suse.com/show_bug.cgi?id=1212301
• https://bugzilla.suse.com/show_bug.cgi?id=1212657
• https://bugzilla.suse.com/show_bug.cgi?id=1212741
• https://bugzilla.suse.com/show_bug.cgi?id=1212835
• https://bugzilla.suse.com/show_bug.cgi?id=1212871
• https://bugzilla.suse.com/show_bug.cgi?id=1212905
• https://bugzilla.suse.com/show_bug.cgi?id=1212986
• https://bugzilla.suse.com/show_bug.cgi?id=1212987
• https://bugzilla.suse.com/show_bug.cgi?id=1212988
• https://bugzilla.suse.com/show_bug.cgi?id=1212989
• https://bugzilla.suse.com/show_bug.cgi?id=1212990
• https://bugzilla.suse.com/show_bug.cgi?id=1213010
• https://bugzilla.suse.com/show_bug.cgi?id=1213011
• https://bugzilla.suse.com/show_bug.cgi?id=1213012
• https://bugzilla.suse.com/show_bug.cgi?id=1213013
• https://bugzilla.suse.com/show_bug.cgi?id=1213014
• https://bugzilla.suse.com/show_bug.cgi?id=1213015
• https://bugzilla.suse.com/show_bug.cgi?id=1213017
• https://bugzilla.suse.com/show_bug.cgi?id=1213018
• https://bugzilla.suse.com/show_bug.cgi?id=1213019
• https://bugzilla.suse.com/show_bug.cgi?id=1213020
• https://bugzilla.suse.com/show_bug.cgi?id=1213021
• https://bugzilla.suse.com/show_bug.cgi?id=1213022
• https://bugzilla.suse.com/show_bug.cgi?id=1213023
• https://bugzilla.suse.com/show_bug.cgi?id=1213024
• https://bugzilla.suse.com/show_bug.cgi?id=1213025
• https://bugzilla.suse.com/show_bug.cgi?id=1213032
• https://bugzilla.suse.com/show_bug.cgi?id=1213033
• https://bugzilla.suse.com/show_bug.cgi?id=1213034
• https://bugzilla.suse.com/show_bug.cgi?id=1213035
• https://bugzilla.suse.com/show_bug.cgi?id=1213036
• https://bugzilla.suse.com/show_bug.cgi?id=1213037
• https://bugzilla.suse.com/show_bug.cgi?id=1213038
• https://bugzilla.suse.com/show_bug.cgi?id=1213039
• https://bugzilla.suse.com/show_bug.cgi?id=1213040
• https://bugzilla.suse.com/show_bug.cgi?id=1213041
• https://bugzilla.suse.com/show_bug.cgi?id=1213042
• https://bugzilla.suse.com/show_bug.cgi?id=1213059
• https://bugzilla.suse.com/show_bug.cgi?id=1213133
• https://bugzilla.suse.com/show_bug.cgi?id=1213215
• https://bugzilla.suse.com/show_bug.cgi?id=1213218
• https://bugzilla.suse.com/show_bug.cgi?id=1213221
• https://bugzilla.suse.com/show_bug.cgi?id=1213286
• https://bugzilla.suse.com/show_bug.cgi?id=1213344
• https://bugzilla.suse.com/show_bug.cgi?id=1213346
• https://bugzilla.suse.com/show_bug.cgi?id=1213525