Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
• CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
• CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
• CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
• CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
• CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
• CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
• CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634,).
• CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595)
• CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
• CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
• CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
• CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
• CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
• CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
• CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()(bsc#1224766).
• CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
• CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
• CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
• CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
• CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
• CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
• CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
• CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
• CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
• CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
• CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
• CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).

The following non-security bugs were fixed:

• Revert ‘build initrd without systemd’ (bsc#1195775)’
• cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
• cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
• cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
• cgroup: Remove unnecessary list_empty() (bsc#1222254).
• cgroup: preserve KABI of cgroup_root (bsc#1222254).
• ocfs2: adjust enabling place for la window (bsc#1219224).
• ocfs2: fix sparse warnings (bsc#1219224).
• ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
• ocfs2: speed up chain-list searching (bsc#1219224).
• random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
• rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
• rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
• scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
• smb: client: ensure to try all targets when finding nested links (bsc#1224020).
• x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
• xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).