Title of the patch: Security update for the Linux Kernel

---

Description of the patch: The SUSE Linux Enterprise 12 SP4 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650) - CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063). - CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605) - CVE-2021-39711: Fixed a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1197219). - CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505). - CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426). - CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect (bsc#1199012). - CVE-2021-20321: Fixed a race condition accessing file object in the OverlayFS subsystem in the way users do rename in specific way with OverlayFS. A local user could have used this flaw to crash the system (bnc#1191647). - CVE-2022-1419: Fixed a concurrency use-after-free in vgem_gem_dumb_create (bsc#1198742). - CVE-2021-43389: Fixed an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958). - CVE-2019-20811: Fixed issue in rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, where a reference count is mishandled (bnc#1172456). - CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call (bnc#1187055). - CVE-2022-1353: Fixed access controll to kernel memory in the pfkey_register function in net/key/af_key.c. (bnc#1198516) - CVE-2021-20292: Fixed object validation prior to performing operations on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem (bnc#1183723). - CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343) The following non-security bugs were fixed: - btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bsc#1199399). - btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bsc#1199399). - debug: Lock down kgdb (bsc#1199426). - dimlib: make DIMLIB a hidden symbol (bsc#1197099 jsc#SLE-24124). - lib/dim: Fix -Wunused-const-variable warnings (bsc#1197099 jsc#SLE-24124). - lib/dim: fix help text typos (bsc#1197099 jsc#SLE-24124). - linux/dim: Add completions count to dim_sample (bsc#1197099 jsc#SLE-24124). - linux/dim: Fix overflow in dim calculation (bsc#1197099 jsc#SLE-24124). - linux/dim: Implement RDMA adaptive moderation (DIM) (bsc#1197099 jsc#SLE-24124). - linux/dim: Move implementation to .c files (bsc#1197099 jsc#SLE-24124). - linux/dim: Move logic to dim.h (bsc#1197099 jsc#SLE-24124). - linux/dim: Remove 'net' prefix from internal DIM members (bsc#1197099 jsc#SLE-24124). - linux/dim: Rename externally exposed macros (bsc#1197099 jsc#SLE-24124). - linux/dim: Rename externally used net_dim members (bsc#1197099 jsc#SLE-24124). - linux/dim: Rename net_dim_sample() to net_dim_update_sample() (bsc#1197099 jsc#SLE-24124). - net: ena: A typo fix in the file ena_com.h (bsc#1197099 jsc#SLE-24124). - net: ena: Add capabilities field with support for ENI stats capability (bsc#1197099 jsc#SLE-24124). - net: ena: add device distinct log prefix to files (bsc#1197099 jsc#SLE-24124). - net: ena: Add first_interrupt field to napi struct (bsc#1197099 jsc#SLE-24124). - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it (bsc#1197099 jsc#SLE-24124). - net: ena: add jiffies of last napi call to stats (bsc#1197099 jsc#SLE-24124). - net: ena: add missing ethtool TX timestamping indication (bsc#1197099 jsc#SLE-24124). - net: ena: add reserved PCI device ID (bsc#1197099 jsc#SLE-24124). - net: ena: add support for reporting of packet drops (bsc#1197099 jsc#SLE-24124). - net: ena: add support for the rx offset feature (bsc#1197099 jsc#SLE-24124). - net: ena: add support for traffic mirroring (bsc#1197099 jsc#SLE-24124). - net: ena: add unmask interrupts statistics to ethtool (bsc#1197099 jsc#SLE-24124). - net: ena: aggregate stats increase into a function (bsc#1197099 jsc#SLE-24124). - net: ena: allow setting the hash function without changing the key (bsc#1197099 jsc#SLE-24124). - net: ena: avoid memory access violation by validating req_id properly (bsc#1197099 jsc#SLE-24124). - net: ena: avoid unnecessary admin command when RSS function set fails (bsc#1197099 jsc#SLE-24124). - net: ena: avoid unnecessary rearming of interrupt vector when busy-polling (bsc#1197099 jsc#SLE-24124). - net: ena: Capitalize all log strings and improve code readability (bsc#1197099 jsc#SLE-24124). - net: ena: change default RSS hash function to Toeplitz (bsc#1197099 jsc#SLE-24124). - net: ena: Change ENI stats support check to use capabilities field (bsc#1197099 jsc#SLE-24124). - net: ena: Change license into format to SPDX in all files (bsc#1197099 jsc#SLE-24124). - net: ena: Change log message to netif/dev function (bsc#1197099 jsc#SLE-24124). - net: ena: change num_queues to num_io_queues for clarity and consistency (bsc#1197099 jsc#SLE-24124). - net: ena: Change return value of ena_calc_io_queue_size() to void (bsc#1197099 jsc#SLE-24124). - net: ena: Change RSS related macros and variables names (bsc#1197099 jsc#SLE-24124). - net: ena: Change the name of bad_csum variable (bsc#1197099 jsc#SLE-24124). - net: ena: changes to RSS hash key allocation (bsc#1197099 jsc#SLE-24124). - net: ena: clean up indentation issue (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: change ena_com_stats_admin stats to u64 (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: code reorderings (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: extract code to ena_indirection_table_set() (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: fix line break issues (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: fix spacing issues (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: fix spelling and grammar mistakes in comments (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: minor code changes (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: remove unnecessary code (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: remove unnecessary spaces and tabs in ena_com.h macros (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: rename ena_update_tx/rx_rings_intr_moderation() (bsc#1197099 jsc#SLE-24124). - net: ena: cosmetic: set queue sizes to u32 for consistency (bsc#1197099 jsc#SLE-24124). - net: ena: do not wake up tx queue when down (bsc#1197099 jsc#SLE-24124). - net: ena: drop superfluous prototype (bsc#1197099 jsc#SLE-24124). - net: ena: ena-com.c: prevent NULL pointer dereference (bsc#1197099 jsc#SLE-24124). - net: ena: enable support of rss hash key and function changes (bsc#1197099 jsc#SLE-24124). - net: ena: enable the interrupt_moderation in driver_supported_features (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: Add new device statistics (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: clean up minor indentation issue (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: get_channels: use combined only (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: remove redundant non-zero check on rc (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: support set_channels callback (bsc#1197099 jsc#SLE-24124). - net: ena: ethtool: use correct value for crc32 hash (bsc#1197099 jsc#SLE-24124). - net: ena: Fix all static chekers' warnings (bsc#1197099 jsc#SLE-24124). - net: ena: Fix build warning in ena_xdp_set() (bsc#1197099 jsc#SLE-24124). - net: ena: fix coding style nits (bsc#1197099 jsc#SLE-24124). - net: ena: fix continuous keep-alive resets (bsc#1197099 jsc#SLE-24124). - net: ena: fix corruption of dev_idx_to_host_tbl (bsc#1197099 jsc#SLE-24124). - net: ena: fix default tx interrupt moderation interval (bsc#1197099 jsc#SLE-24124). - net: ena: fix ena_com_comp_status_to_errno() return value (bsc#1197099 jsc#SLE-24124). - net: ena: Fix error handling when calculating max IO queues number (bsc#1197099 jsc#SLE-24124). - net: ena: fix error returning in ena_com_get_hash_function() (bsc#1197099 jsc#SLE-24124). - net: ena: fix inaccurate print type (bsc#1197099 jsc#SLE-24124). - net: ena: fix incorrect default RSS key (bsc#1197099 jsc#SLE-24124). - net: ena: fix incorrect setting of the number of msix vectors (bsc#1197099 jsc#SLE-24124). - net: ena: fix incorrect update of intr_delay_resolution (bsc#1197099 jsc#SLE-24124). - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table (bsc#1197099 jsc#SLE-24124). - net: ena: fix issues in setting interrupt moderation params in ethtool (bsc#1197099 jsc#SLE-24124). - net: ena: fix packet's addresses for rx_offset feature (bsc#1197099 jsc#SLE-24124). - net: ena: fix potential crash when rxfh key is NULL (bsc#1197099 jsc#SLE-24124). - net: ena: fix request of incorrect number of IRQ vectors (bsc#1197099 jsc#SLE-24124). - net: ena: fix retrieval of nonadaptive interrupt moderation intervals (bsc#1197099 jsc#SLE-24124). - net: ena: fix update of interrupt moderation register (bsc#1197099 jsc#SLE-24124). - net: ena: fix uses of round_jiffies() (bsc#1197099 jsc#SLE-24124). - net: ena: Fix using plain integer as NULL pointer in ena_init_napi_in_range (bsc#1197099 jsc#SLE-24124). - net: ena: Fix wrong rx request id by resetting device (bsc#1197099 jsc#SLE-24124). - net: ena: handle bad request id in ena_netdev (bsc#1197099 jsc#SLE-24124). - net: ena: Improve error logging in driver (bsc#1197099 jsc#SLE-24124). - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE (bsc#1197099 jsc#SLE-24124). - net: ena: make ethtool -l show correct max number of queues (bsc#1197099 jsc#SLE-24124). - net: ena: Make missed_tx stat incremental (bsc#1197099 jsc#SLE-24124). - net: ena: make symbol 'ena_alloc_map_page' static (bsc#1197099 jsc#SLE-24124). - net: ena: move llq configuration from ena_probe to ena_device_init() (bsc#1197099 jsc#SLE-24124). - net: ena: Move reset completion print to the reset function (bsc#1197099 jsc#SLE-24124). - net: ena: multiple queue creation related cleanups (bsc#1197099 jsc#SLE-24124). - net: ena: Prevent reset after device destruction (bsc#1197099 jsc#SLE-24124). - net: ena: re-organize code to improve readability (bsc#1197099 jsc#SLE-24124). - net: ena: reduce driver load time (bsc#1197099 jsc#SLE-24124). - net: ena: reimplement set/get_coalesce() (bsc#1197099 jsc#SLE-24124). - net: ena: remove all old adaptive rx interrupt moderation code from ena_com (bsc#1197099 jsc#SLE-24124). - net: ena: remove code duplication in ena_com_update_nonadaptive_moderation_interval _*() (bsc#1197099 jsc#SLE-24124). - net: ena: remove code that does nothing (bsc#1197099 jsc#SLE-24124). - net: ena: Remove ena_calc_queue_size_ctx struct (bsc#1197099 jsc#SLE-24124). - net: ena: remove ena_restore_ethtool_params() and relevant fields (bsc#1197099 jsc#SLE-24124). - net: ena: remove extra words from comments (bsc#1197099 jsc#SLE-24124). - net: ena: Remove module param and change message severity (bsc#1197099 jsc#SLE-24124). - net: ena: remove old adaptive interrupt moderation code from ena_netdev (bsc#1197099 jsc#SLE-24124). - net: ena: remove redundant print of number of queues (bsc#1197099 jsc#SLE-24124). - net: ena: Remove redundant print of placement policy (bsc#1197099 jsc#SLE-24124). - net: ena: Remove redundant return code check (bsc#1197099 jsc#SLE-24124). - net: ena: remove set but not used variable 'hash_key' (bsc#1197099 jsc#SLE-24124). - net: ena: Remove unused code (bsc#1197099 jsc#SLE-24124). - net: ena: rename ena_com_free_desc to make API more uniform (bsc#1197099 jsc#SLE-24124). - net: ena: rss: do not allocate key when not supported (bsc#1197099 jsc#SLE-24124). - net: ena: rss: fix failure to get indirection table (bsc#1197099 jsc#SLE-24124). - net: ena: rss: store hash function as values and not bits (bsc#1197099 jsc#SLE-24124). - net: ena: Select DIMLIB for ENA_ETHERNET (bsc#1197099 jsc#SLE-24124). - net: ena: set initial DMA width to avoid intel iommu issue (bsc#1197099 jsc#SLE-24124). - net: ena: simplify ena_com_update_intr_delay_resolution() (bsc#1197099 jsc#SLE-24124). - net: ena: store values in their appropriate variables types (bsc#1197099 jsc#SLE-24124). - net: ena: support new LLQ acceleration mode (bsc#1197099 jsc#SLE-24124). - net: ena: switch to dim algorithm for rx adaptive interrupt moderation (bsc#1197099 jsc#SLE-24124). - net: ena: use constant value for net_device allocation (bsc#1197099 jsc#SLE-24124). - net: ena: Use dev_alloc() in RX buffer allocation (bsc#1197099 jsc#SLE-24124). - net: ena: use explicit variable size for clarity (bsc#1197099 jsc#SLE-24124). - net: ena: use SHUTDOWN as reset reason when closing interface (bsc#1197099 jsc#SLE-24124). - net: mana: Add counter for packet dropped by XDP (bsc#1195651). - net: mana: Add counter for XDP_TX (bsc#1195651). - net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651). - net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651). - net: mana: Reuse XDP dropped page (bsc#1195651). - net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651). - net: update net_dim documentation after rename (bsc#1197099 jsc#SLE-24124). - PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314). - powerpc/pseries: extract host bridge from pci_bus prior to bus removal (bsc#1182171 ltc#190900 bsc#1198660 ltc#197803). - powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729 bsc#1198660 ltc#197803). - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340 bsc#1198825). - x86/pm: Save the MSR validity status at context setup (bsc#1114648). - x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1114648).

---

Patchnames: SUSE-2022-2083,SUSE-OpenStack-Cloud-9-2022-2083,SUSE-OpenStack-Cloud-Crowbar-9-2022-2083,SUSE-SLE-HA-12-SP4-2022-2083,SUSE-SLE-Live-Patching-12-SP4-2022-2083,SUSE-SLE-SAP-12-SP4-2022-2083,SUSE-SLE-SERVER-12-SP4-LTSS-2022-2083

---

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).