SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:4174-1
Container Tags        : suse/sle-micro-rancher/5.2:latest
Container Release     : 7.5.254
Severity              : important
Type                  : security
References            : 1084909 1210780 1214037 1214344 1214764 1215371 1216058 1216259
                        1216584 1216965 1216976 1217140 1217332 1217408 1217780 CVE-2023-31083
                        CVE-2023-39197 CVE-2023-39198 CVE-2023-45863 CVE-2023-45871 CVE-2023-5717
                        CVE-2023-6176 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4811-1
Released:    Wed Dec 13 19:01:09 2023
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1084909,1210780,1214037,1214344,1214764,1215371,1216058,1216259,1216584,1216965,1216976,1217140,1217332,1217408,1217780,CVE-2023-31083,CVE-2023-39197,CVE-2023-39198,CVE-2023-45863,CVE-2023-45871,CVE-2023-5717,CVE-2023-6176
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332).
- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
- CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).

The following non-security bugs were fixed:

- ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140).
- Call flush_delayed_fput() from nfsd main-loop (bsc#1217408).
- net: mana: Configure hwc timeout from hardware (bsc#1214037).
- net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
- powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1217780).


The following package changes have been done:

- kernel-default-5.3.18-150300.59.144.1 updated