Security: Multiple issues in Linux
Name: Multiple issues in Linux
ID: SUSE-SU-2023:2805-1
Distribution: SUSE
Platforms: SUSE Linux Enterprise High Performance Computing 12 SP2, SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2, SUSE Linux Enterprise Server 12 SP2
Date: Tue, 11 July 2023, 12:10
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3141
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1249
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1670
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1095
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45885
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32269
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1077
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45884
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2124
Applications: Linux
Original message
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:2805-1
Rating: important
References: #1126703, #1204405, #1205756, #1205758, #1205760, #1205762, #1205803, #1206878, #1207036, #1207125, #1207168, #1207795, #1208600, #1208777, #1208837, #1209008, #1209039, #1209052, #1209256, #1209287, #1209289, #1209291, #1209532, #1209549, #1209687, #1209871, #1210329, #1210336, #1210337, #1210498, #1210506, #1210647, #1210715, #1210940, #1211105, #1211186, #1211449, #1212128, #1212129, #1212154, #1212501, #1212842
Cross-References: CVE-2017-5753, CVE-2018-20784, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0590, CVE-2023-1077, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1380, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2194, CVE-2023-23454, CVE-2023-23455, CVE-2023-2513, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-3090, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-35824
CVSS scores:
* CVE-2017-5753 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( SUSE ): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2017-5753 ( NVD ): 5.6 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2018-20784 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2018-20784 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2018-20784 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-3566 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-3566 ( NVD ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45884 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45884 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45885 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45885 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45886 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45886 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45887 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45887 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45919 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45919 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0590 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0590 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1077 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1118 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1118 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1249 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-1249 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1380 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-1380 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-1390 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1513 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-1513 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-1611 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1611 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-1670 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-1670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1989 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1990 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1990 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1998 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-1998 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-2124 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2124 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2162 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2194 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2023-2194 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-23454 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-23454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-23455 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-23455 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2513 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2513 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28328 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28464 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28464 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28772 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28772 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-30772 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-30772 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3141 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-3141 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-31436 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3159 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3161 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-32269 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-32269 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-35824 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-35824 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
An update that solves 38 vulnerabilities and has four fixes can now be installed.
## Description:
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bug fixes.
The following security bugs were fixed:
* CVE-2017-5753: Fixed Spectre vulnerability in prlimit (bsc#1209256).
* CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
* CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
* CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
* CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that led to a use-after-free (bsc#1205760).
* CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
* CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
* CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
* CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could cause memory corruption (bsc#1208600).
* CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
* CVE-2023-1118: Fixed use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
* CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
* CVE-2023-1380: Fixed a slab-out-of-bounds read problem in brcmf_get_assoc_ies() (bsc#1209287).
* CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
* CVE-2023-1513: Fixed uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
* CVE-2023-1611: Fixed a use-after-free flaw in btrfs_search_slot (bsc#1209687).
* CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
* CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
* CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
* CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
* CVE-2023-2124: Fixed an out-of-bounds access in the XFS subsystem that could have led to denial-of-service or potentially privilege escalation (bsc#1210498).
* CVE-2023-2162: Fixed a use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
* CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
* CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
* CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
* CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
* CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dvb-usb/az6027.c (bsc#1209291).
* CVE-2023-28464: Fixed a use-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
* CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
* CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
* CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
* CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c that allowed local attackers to crash the system at device disconnect (bsc#1212129).
* CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
* CVE-2023-3159: Fixed use-after-free issue in drivers/firewire in outbound_phy_packet_callback (bsc#1212128).
* CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
* CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
* CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
The following non-security bugs were fixed:
* Do not sign the vanilla kernel (bsc#1209008).
* Drop dvb-core fix patch due to regression (bsc#1205758).
* Revert CVE-2018-20784 due to regression (bsc#1126703).
* binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).
* bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).
* bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).
* btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).
* do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).
* ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
* ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).
* fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
* firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
* fix a mistake in the CVE-2023-0590 / bsc#1207795 backport
* i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).
* ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
* ipvlan: Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).
* kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).
* kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).
* media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
* media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).
* media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).
* media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
* media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).
* media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).
* media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).
* media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).
* media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).
* media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).
* media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).
* memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
* net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).
* netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).
* netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).
* nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).
* power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).
* prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).
* sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).
* scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).
* seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).
* tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).
* tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).
* wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).
* x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).
* xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).
* xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Important update, use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively, you can run the command listed for your product:
* SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
  `zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2023-2805=1`
## Package List:
* SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (nosrc x86_64)
  * kernel-default-4.4.121-92.205.1
* SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
  * kernel-syms-4.4.121-92.205.1
  * kernel-default-base-debuginfo-4.4.121-92.205.1
  * kernel-default-debuginfo-4.4.121-92.205.1
  * kernel-default-devel-4.4.121-92.205.1
  * kernel-default-base-4.4.121-92.205.1
  * kernel-default-debugsource-4.4.121-92.205.1
* SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch)
  * kernel-devel-4.4.121-92.205.1
  * kernel-macros-4.4.121-92.205.1
  * kernel-source-4.4.121-92.205.1
## References:
* https://www.suse.com/security/cve/CVE-2017-5753.html
* https://www.suse.com/security/cve/CVE-2018-20784.html
* https://www.suse.com/security/cve/CVE-2022-3566.html
* https://www.suse.com/security/cve/CVE-2022-45884.html
* https://www.suse.com/security/cve/CVE-2022-45885.html
* https://www.suse.com/security/cve/CVE-2022-45886.html
* https://www.suse.com/security/cve/CVE-2022-45887.html
* https://www.suse.com/security/cve/CVE-2022-45919.html
* https://www.suse.com/security/cve/CVE-2023-0590.html
* https://www.suse.com/security/cve/CVE-2023-1077.html
* https://www.suse.com/security/cve/CVE-2023-1095.html
* https://www.suse.com/security/cve/CVE-2023-1118.html
* https://www.suse.com/security/cve/CVE-2023-1249.html
* https://www.suse.com/security/cve/CVE-2023-1380.html
* https://www.suse.com/security/cve/CVE-2023-1390.html
* https://www.suse.com/security/cve/CVE-2023-1513.html
* https://www.suse.com/security/cve/CVE-2023-1611.html
* https://www.suse.com/security/cve/CVE-2023-1670.html
* https://www.suse.com/security/cve/CVE-2023-1989.html
* https://www.suse.com/security/cve/CVE-2023-1990.html
* https://www.suse.com/security/cve/CVE-2023-1998.html
* https://www.suse.com/security/cve/CVE-2023-2124.html
* https://www.suse.com/security/cve/CVE-2023-2162.html
* https://www.suse.com/security/cve/CVE-2023-2194.html
* https://www.suse.com/security/cve/CVE-2023-23454.html
* https://www.suse.com/security/cve/CVE-2023-23455.html
* https://www.suse.com/security/cve/CVE-2023-2513.html
* https://www.suse.com/security/cve/CVE-2023-28328.html
* https://www.suse.com/security/cve/CVE-2023-28464.html
* https://www.suse.com/security/cve/CVE-2023-28772.html
* https://www.suse.com/security/cve/CVE-2023-30772.html
* https://www.suse.com/security/cve/CVE-2023-3090.html
* https://www.suse.com/security/cve/CVE-2023-3141.html
* https://www.suse.com/security/cve/CVE-2023-31436.html
* https://www.suse.com/security/cve/CVE-2023-3159.html
* https://www.suse.com/security/cve/CVE-2023-3161.html
* https://www.suse.com/security/cve/CVE-2023-32269.html
* https://www.suse.com/security/cve/CVE-2023-35824.html
* https://bugzilla.suse.com/show_bug.cgi?id=1126703
* https://bugzilla.suse.com/show_bug.cgi?id=1204405
* https://bugzilla.suse.com/show_bug.cgi?id=1205756
* https://bugzilla.suse.com/show_bug.cgi?id=1205758
* https://bugzilla.suse.com/show_bug.cgi?id=1205760
* https://bugzilla.suse.com/show_bug.cgi?id=1205762
* https://bugzilla.suse.com/show_bug.cgi?id=1205803
* https://bugzilla.suse.com/show_bug.cgi?id=1206878
* https://bugzilla.suse.com/show_bug.cgi?id=1207036
* https://bugzilla.suse.com/show_bug.cgi?id=1207125
* https://bugzilla.suse.com/show_bug.cgi?id=1207168
* https://bugzilla.suse.com/show_bug.cgi?id=1207795
* https://bugzilla.suse.com/show_bug.cgi?id=1208600
* https://bugzilla.suse.com/show_bug.cgi?id=1208777
* https://bugzilla.suse.com/show_bug.cgi?id=1208837
* https://bugzilla.suse.com/show_bug.cgi?id=1209008
* https://bugzilla.suse.com/show_bug.cgi?id=1209039
* https://bugzilla.suse.com/show_bug.cgi?id=1209052
* https://bugzilla.suse.com/show_bug.cgi?id=1209256
* https://bugzilla.suse.com/show_bug.cgi?id=1209287
* https://bugzilla.suse.com/show_bug.cgi?id=1209289
* https://bugzilla.suse.com/show_bug.cgi?id=1209291
* https://bugzilla.suse.com/show_bug.cgi?id=1209532
* https://bugzilla.suse.com/show_bug.cgi?id=1209549
* https://bugzilla.suse.com/show_bug.cgi?id=1209687
* https://bugzilla.suse.com/show_bug.cgi?id=1209871
* https://bugzilla.suse.com/show_bug.cgi?id=1210329
* https://bugzilla.suse.com/show_bug.cgi?id=1210336
* https://bugzilla.suse.com/show_bug.cgi?id=1210337
* https://bugzilla.suse.com/show_bug.cgi?id=1210498
* https://bugzilla.suse.com/show_bug.cgi?id=1210506
* https://bugzilla.suse.com/show_bug.cgi?id=1210647
* https://bugzilla.suse.com/show_bug.cgi?id=1210715
* https://bugzilla.suse.com/show_bug.cgi?id=1210940
* https://bugzilla.suse.com/show_bug.cgi?id=1211105
* https://bugzilla.suse.com/show_bug.cgi?id=1211186
* https://bugzilla.suse.com/show_bug.cgi?id=1211449
* https://bugzilla.suse.com/show_bug.cgi?id=1212128
* https://bugzilla.suse.com/show_bug.cgi?id=1212129
* https://bugzilla.suse.com/show_bug.cgi?id=1212154
* https://bugzilla.suse.com/show_bug.cgi?id=1212501
* https://bugzilla.suse.com/show_bug.cgi?id=1212842
<span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45885</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45885</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45886</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45886</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45887</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45887</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">4.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45919</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2022-45919</span> <span class="cvss-source"> ( NVD ): </span> 
<span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-0590</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-0590</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">4.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1077</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1077</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1095</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1095</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1118</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1118</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1249</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.3</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1249</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1380</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">3.3</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1380</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1390</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.5</span> <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1390</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.5</span> <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1513</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">3.3</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1513</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">3.3</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1611</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1611</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.3</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1670</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.4</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1670</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1989</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1989</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1990</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1990</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">4.7</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1998</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.6</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-1998</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.6</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2124</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">6.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2124</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2162</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2162</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2194</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">6.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2194</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.7</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-23454</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-23454</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-23455</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-23455</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2513</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">6.6</span> <span class="cvss-vector">CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-2513</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28328</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28328</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28464</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28464</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28772</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.4</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-28772</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-30772</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">6.4</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-30772</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.4</span> <span class="cvss-vector">CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3090</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3090</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3141</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">6.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3141</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.1</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-31436</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-31436</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3159</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">7.8</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3159</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3161</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.5</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-3161</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">5.5</span> <span 
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-32269</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">5.9</span> <span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-32269</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">6.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-35824</span> <span class="cvss-source"> ( SUSE ): </span> <span class="cvss-score">4.7</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H</span> </li> <li class="list-group-item"> <span class="cvss-reference">CVE-2023-35824</span> <span class="cvss-source"> ( NVD ): </span> <span class="cvss-score">7.0</span> <span class="cvss-vector">CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</span> </li> </ul> </td> </tr> <tr> <th>Affected Products:</th> <td> <ul class="list-group"> <li class="list-group-item">SUSE Linux Enterprise High Performance Computing 12 SP2</li> <li class="list-group-item">SUSE Linux Enterprise Server 12 SP2</li> <li class="list-group-item">SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2</li> </ul> </td> </tr> </tbody> </table>
<p>An update that solves 38 vulnerabilities and has four fixes can now be installed.</p>
<h2>Description:</h2> <p>The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul> <li>CVE-2017-5753: Fixed Spectre vulnerability in prlimit (bsc#1209256).</li> <li>CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).</li> <li>CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).</li> <li>CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).</li> <li>CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that led to a use-after-free (bsc#1205760).</li> <li>CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).</li> <li>CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).</li> <li>CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).</li> <li>CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could cause memory corruption (bsc#1208600).</li> <li>CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).</li> <li>CVE-2023-1118: Fixed use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).</li> <li>CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).</li> <li>CVE-2023-1380: Fixed a slab-out-of-bounds read problem in brcmf_get_assoc_ies() (bsc#1209287).</li> <li>CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).</li> <li>CVE-2023-1513: Fixed uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).</li> <li>CVE-2023-1611: Fixed a
use-after-free flaw in btrfs_search_slot (bsc#1209687).</li> <li>CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).</li> <li>CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).</li> <li>CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).</li> <li>CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).</li> <li>CVE-2023-2124: Fixed an out-of-bounds access in the XFS subsystem that could have led to denial-of-service or potentially privilege escalation (bsc#1210498).</li> <li>CVE-2023-2162: Fixed a use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).</li> <li>CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).</li> <li>CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).</li> <li>CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).</li> <li>CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).</li> <li>CVE-2023-28328: Fixed a denial of service issue in the az6027 driver in drivers/media/usb/dvb-usb/az6027.c (bsc#1209291).</li> <li>CVE-2023-28464: Fixed use-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).</li> <li>CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).</li> <li>CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).</li> <li>CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).</li> <li>CVE-2023-3141: Fixed a use-after-free 
flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).</li> <li>CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).</li> <li>CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).</li> <li>CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).</li> <li>CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).</li> <li>CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).</li> </ul> <p>The following non-security bugs were fixed:</p> <ul> <li>Do not sign the vanilla kernel (bsc#1209008).</li> <li>Drop dvb-core fix patch due to regression (bsc#1205758).</li> <li>Revert CVE-2018-20784 due to regression (bsc#1126703).</li> <li>binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).</li> <li>bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).</li> <li>bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).</li> <li>btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).</li> <li>do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).</li> <li>ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).</li> <li>ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).</li> <li>fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).</li> <li>firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).</li> <li>fix a mistake in the CVE-2023-0590 / bsc#1207795 backport</li> <li>i2c: xgene-slimpro: Fix out-of-bounds 
bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).</li> <li>ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).</li> <li>ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).</li> <li>kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).</li> <li>kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).</li> <li>media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).</li> <li>media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).</li> <li>media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).</li> <li>media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).</li> <li>media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).</li> <li>media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).</li> <li>media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).</li> <li>media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).</li> <li>media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).</li> <li>media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).</li> <li>media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).</li> <li>memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).</li> <li>net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).</li> <li>netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).</li> <li>netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).</li> <li>nfc: 
st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).</li> <li>power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).</li> <li>prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).</li> <li>sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).</li> <li>scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).</li> <li>seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).</li> <li>tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).</li> <li>tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).</li> <li>wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).</li> <li>x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).</li> <li>xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).</li> <li>xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).</li> </ul>
<h2>Special Instructions and Notes:</h2> <ul> <li>Please reboot the system after installing this update.</li> </ul>
<h2>Patch Instructions:</h2> <p> To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product: </p> <ul class="list-group"> <li class="list-group-item"> SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 <br/> <code>zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2023-2805=1</code> </li> </ul>
<h2>Package List:</h2> <ul> <li> SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (nosrc x86_64) <ul> <li>kernel-default-4.4.121-92.205.1</li> </ul> </li> <li> SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64) <ul> <li>kernel-syms-4.4.121-92.205.1</li> <li>kernel-default-base-debuginfo-4.4.121-92.205.1</li> <li>kernel-default-debuginfo-4.4.121-92.205.1</li> <li>kernel-default-devel-4.4.121-92.205.1</li> <li>kernel-default-base-4.4.121-92.205.1</li> <li>kernel-default-debugsource-4.4.121-92.205.1</li> </ul> </li> <li> SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch) <ul> <li>kernel-devel-4.4.121-92.205.1</li> <li>kernel-macros-4.4.121-92.205.1</li> <li>kernel-source-4.4.121-92.205.1</li> </ul> </li> </ul>
<h2>References:</h2> <ul> <li> <a href="https://www.suse.com/security/cve/CVE-2017-5753.html">https://www.suse.com/security/cve/CVE-2017-5753.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2018-20784.html">https://www.suse.com/security/cve/CVE-2018-20784.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-3566.html">https://www.suse.com/security/cve/CVE-2022-3566.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-45884.html">https://www.suse.com/security/cve/CVE-2022-45884.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-45885.html">https://www.suse.com/security/cve/CVE-2022-45885.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-45886.html">https://www.suse.com/security/cve/CVE-2022-45886.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-45887.html">https://www.suse.com/security/cve/CVE-2022-45887.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2022-45919.html">https://www.suse.com/security/cve/CVE-2022-45919.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-0590.html">https://www.suse.com/security/cve/CVE-2023-0590.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1077.html">https://www.suse.com/security/cve/CVE-2023-1077.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1095.html">https://www.suse.com/security/cve/CVE-2023-1095.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1118.html">https://www.suse.com/security/cve/CVE-2023-1118.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1249.html">https://www.suse.com/security/cve/CVE-2023-1249.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1380.html">https://www.suse.com/security/cve/CVE-2023-1380.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1390.html">https://www.suse.com/security/cve/CVE-2023-1390.html</a> 
</li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1513.html">https://www.suse.com/security/cve/CVE-2023-1513.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1611.html">https://www.suse.com/security/cve/CVE-2023-1611.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1670.html">https://www.suse.com/security/cve/CVE-2023-1670.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1989.html">https://www.suse.com/security/cve/CVE-2023-1989.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1990.html">https://www.suse.com/security/cve/CVE-2023-1990.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-1998.html">https://www.suse.com/security/cve/CVE-2023-1998.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-2124.html">https://www.suse.com/security/cve/CVE-2023-2124.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-2162.html">https://www.suse.com/security/cve/CVE-2023-2162.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-2194.html">https://www.suse.com/security/cve/CVE-2023-2194.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-23454.html">https://www.suse.com/security/cve/CVE-2023-23454.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-23455.html">https://www.suse.com/security/cve/CVE-2023-23455.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-2513.html">https://www.suse.com/security/cve/CVE-2023-2513.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-28328.html">https://www.suse.com/security/cve/CVE-2023-28328.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-28464.html">https://www.suse.com/security/cve/CVE-2023-28464.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-28772.html">https://www.suse.com/security/cve/CVE-2023-28772.html</a> </li> <li> <a 
href="https://www.suse.com/security/cve/CVE-2023-30772.html">https://www.suse.com/security/cve/CVE-2023-30772.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-3090.html">https://www.suse.com/security/cve/CVE-2023-3090.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-3141.html">https://www.suse.com/security/cve/CVE-2023-3141.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-31436.html">https://www.suse.com/security/cve/CVE-2023-31436.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-3159.html">https://www.suse.com/security/cve/CVE-2023-3159.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-3161.html">https://www.suse.com/security/cve/CVE-2023-3161.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-32269.html">https://www.suse.com/security/cve/CVE-2023-32269.html</a> </li> <li> <a href="https://www.suse.com/security/cve/CVE-2023-35824.html">https://www.suse.com/security/cve/CVE-2023-35824.html</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1126703">https://bugzilla.suse.com/show_bug.cgi?id=1126703</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1204405">https://bugzilla.suse.com/show_bug.cgi?id=1204405</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1205756">https://bugzilla.suse.com/show_bug.cgi?id=1205756</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1205758">https://bugzilla.suse.com/show_bug.cgi?id=1205758</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1205760">https://bugzilla.suse.com/show_bug.cgi?id=1205760</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1205762">https://bugzilla.suse.com/show_bug.cgi?id=1205762</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1205803">https://bugzilla.suse.com/show_bug.cgi?id=1205803</a> </li> <li> <a 
href="https://bugzilla.suse.com/show_bug.cgi?id=1206878">https://bugzilla.suse.com/show_bug.cgi?id=1206878</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207036">https://bugzilla.suse.com/show_bug.cgi?id=1207036</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207125">https://bugzilla.suse.com/show_bug.cgi?id=1207125</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207168">https://bugzilla.suse.com/show_bug.cgi?id=1207168</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1207795">https://bugzilla.suse.com/show_bug.cgi?id=1207795</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208600">https://bugzilla.suse.com/show_bug.cgi?id=1208600</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208777">https://bugzilla.suse.com/show_bug.cgi?id=1208777</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1208837">https://bugzilla.suse.com/show_bug.cgi?id=1208837</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209008">https://bugzilla.suse.com/show_bug.cgi?id=1209008</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209039">https://bugzilla.suse.com/show_bug.cgi?id=1209039</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209052">https://bugzilla.suse.com/show_bug.cgi?id=1209052</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209256">https://bugzilla.suse.com/show_bug.cgi?id=1209256</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209287">https://bugzilla.suse.com/show_bug.cgi?id=1209287</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209289">https://bugzilla.suse.com/show_bug.cgi?id=1209289</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209291">https://bugzilla.suse.com/show_bug.cgi?id=1209291</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209532">https://bugzilla.suse.com/show_bug.cgi?id=1209532</a> </li> <li> <a 
href="https://bugzilla.suse.com/show_bug.cgi?id=1209549">https://bugzilla.suse.com/show_bug.cgi?id=1209549</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209687">https://bugzilla.suse.com/show_bug.cgi?id=1209687</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1209871">https://bugzilla.suse.com/show_bug.cgi?id=1209871</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210329">https://bugzilla.suse.com/show_bug.cgi?id=1210329</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210336">https://bugzilla.suse.com/show_bug.cgi?id=1210336</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210337">https://bugzilla.suse.com/show_bug.cgi?id=1210337</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210498">https://bugzilla.suse.com/show_bug.cgi?id=1210498</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210506">https://bugzilla.suse.com/show_bug.cgi?id=1210506</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210647">https://bugzilla.suse.com/show_bug.cgi?id=1210647</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210715">https://bugzilla.suse.com/show_bug.cgi?id=1210715</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1210940">https://bugzilla.suse.com/show_bug.cgi?id=1210940</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1211105">https://bugzilla.suse.com/show_bug.cgi?id=1211105</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1211186">https://bugzilla.suse.com/show_bug.cgi?id=1211186</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1211449">https://bugzilla.suse.com/show_bug.cgi?id=1211449</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1212128">https://bugzilla.suse.com/show_bug.cgi?id=1212128</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1212129">https://bugzilla.suse.com/show_bug.cgi?id=1212129</a> </li> <li> <a 
href="https://bugzilla.suse.com/show_bug.cgi?id=1212154">https://bugzilla.suse.com/show_bug.cgi?id=1212154</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1212501">https://bugzilla.suse.com/show_bug.cgi?id=1212501</a> </li> <li> <a href="https://bugzilla.suse.com/show_bug.cgi?id=1212842">https://bugzilla.suse.com/show_bug.cgi?id=1212842</a> </li> </ul> </div>