The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA . * CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen . * CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c . * CVE-2023-0590: Fixed race condition in qdisc_graft . * CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets . * CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head . * CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex . * CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit . * CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak . * CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler . * CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion . * CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c . * CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c . * CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c . The following non-security bugs were fixed: * Do not sign the vanilla kernel . * PCI: hv: Add a per-bus mutex state_lock . * PCI: hv: Fix a race condition in hv_irq_unmask that can cause panic . * PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev . * PCI: hv: fix a race condition bug in hv_pci_query_relations . * Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally" . * cifs: fix double free in dfs mounts . * cifs: fix nodfs mount option . * cifs: handle reconnect of tcon when there is no cached dfs referral . * cifs: missing null pointer check in cifs_mount . * cifs: serialize all mount attempts . * cred: allow get_cred and put_cred to be given NULL . * ibmvnic: Process crqs after enabling interrupts . * ibmvnic: do not stop queue in xmit . * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames . * kernel-module-subpackage: Fix expansion with -b parameter . ## Special Instructions and Notes: * Please reboot the system after installing this update.