The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

• CVE-2021-4037: Fixed function logic vulnerability that allowed local
  users to create files for the XFS file-system with an unintended group
  ownership and with group execution and SGID permission bits set
  (bnc#1198702).
• CVE-2022-2153: Fixed vulnerability in KVM that could allow an
  unprivileged local attacker on the host to cause DoS (bnc#1200788).
• CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices
  (bnc#1202686).
• CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
  lead to local privilege escalation or DoS (bnc#1202700).
• CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
  (bnc#1203391).
• CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
  gru_fault() and gru_handle_user_call_os() that could lead to kernel
  panic (bsc#1204166).
• CVE-2022-3521: Fixed race condition in kcm_tx_work() in
  net/kcm/kcmsock.c (bnc#1204355).
• CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
  handler (bnc#1204354).
• CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
  drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
• CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
  drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
• CVE-2022-3545: Fixed use-after-free in area_cache_get() in
  drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
• CVE-2022-3565: Fixed use-after-free in del_timer() in
  drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
• CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
  driver that could lead to local privilege escalation or DoS
  (bnc#1204470).
• CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
  allow a local unprivileged user to cause a denial of service
  (bnc#1204439).
• CVE-2022-3594: Fixed excessive data logging in intr_callback() in
  drivers/net/usb/r8152.c (bnc#1204479).
• CVE-2022-3621: Fixed null pointer dereference in
  nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
• CVE-2022-3625: Fixed use-after-free in
  devlink_param_set()/devlink_param_get() in net/core/devlink.c
  (bnc#1204637).
• CVE-2022-3629: Fixed memory leak in vsock_connect() in
  net/vmw_vsock/af_vsock.c (bnc#1204635).
• CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
  net/bluetooth/l2cap_core.c (bnc#1204619).
• CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
  fs/nilfs2/segment.c (bnc#1204646).
• CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
  fs/nilfs2/inode.c (bnc#1204647).
• CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
  unprivileged guest users to compromise the guest kernel via TLB flush
  operations on preempted vCPU (bnc#1203066).
• CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
  anon_vma double reuse (bnc#1204168).
• CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
  client to corrupt the monitor's internal memory (bnc#1204653).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012967.html