The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

• CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre
  like Branch Target Buffer attack, that can leak arbitrary kernel
  information (bsc#1199657).
• CVE-2022-34918: Fixed a buffer overflow with nft_set_elem_init() that
  could be used by a local attacker to escalate privileges (bnc#1201171).
• CVE-2021-26341: Some AMD CPUs may transiently execute beyond
  unconditional direct branches, which may potentially result in data
  leakage (bsc#1201050).
• CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in
  the way a user forces the ath9k_htc_wait_for_target function to fail
  with some input messages (bsc#1199487).
• CVE-2022-20132: Fixed out of bounds read due to improper input
  validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
• CVE-2022-1012: Fixed information leak caused by small table perturb size
  in the TCP source port generation algorithm (bsc#1199482).
• CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
• CVE-2022-20141: Fixed a possible use after free due to improper locking
  in ip_check_mc_rcu() (bsc#1200604).
• CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS
  subsystem, related to the replication of files with NFS. A user could
  potentially crash the system or escalate privileges on the system
  (bsc#1194013).
• CVE-2022-20154: Fixed a use after free due to a race condition in
  lock_sock_nested of sock.c. This could lead to local escalation of
  privilege with System execution privileges needed (bsc#1200599).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011657.html