Bug 1206024 (CVE-2022-4269) - VUL-0: CVE-2022-4269: kernel-source,kernel-source-rt,kernel-source-azure: kernel: net: CPU soft lockup in TC mirred egress-to-ingress action
Summary: VUL-0: CVE-2022-4269: kernel-source,kernel-source-rt,kernel-source-azure: ker...
Status: IN_PROGRESS
Alias: CVE-2022-4269
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/349329/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-4269:5.5:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2022-12-05 09:17 UTC by Thomas Leroy
Modified: 2024-07-17 07:56 UTC (History)
9 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2022-12-05 09:17:25 UTC 
rh#2150272

Using a specific networking configuration (that redirect egress packets to ingress using TC "mirred"), unprivileged users can trigger a soft-lockup (ABBA deadlock) in the Linux kernel, when the transport protocol in use (TCP or SCTP) does a retransmission.

Upstream discussion:
https://lore.kernel.org/netdev/33dc43f587ec1388ba456b4915c75f02a8aae226.1663945716.git.dcaratti@redhat.com/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2150272
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4269
Comment 1 Thomas Leroy 2022-12-05 09:19:24 UTC 
Upstream patch seems still in discussion.

The following branches contain the given commit introducing the bug:
- SLE15-SP3
- SLE15-SP4
- cve/linux-4.12
- cve/linux-5.3
- stable
Comment 2 Petr Mladek 2022-12-12 09:42:12 UTC 
Michal, please consider reassigning the bug to Denis to balance the load.
Comment 10 Michal Kubeček 2023-05-02 11:55:29 UTC 
As far as I can say, this should be addressed by mainline commits

  78dcdffe0418  net/sched: act_mirred: better wording on protection against
                excessive stack growth
  ca22da2fbd69  act_mirred: use the backlog for nested calls to mirred ingress

or rather the second one (the first is rather cosmetic). I need to go through
the problem description once more to make sure it is actually the same issue.
Comment 20 Maintenance Automation 2023-06-13 16:30:08 UTC 
SUSE-SU-2023:2502-1: An update that solves 21 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.130.1, kernel-source-rt-5.3.18-150300.130.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Maintenance Automation 2023-06-13 16:30:33 UTC 
SUSE-SU-2023:2500-1: An update that solves 23 vulnerabilities, contains 14 features and has 52 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210566, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211187, 1211205, 1211260, 1211263, 1211280, 1211281, 1211395, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211819, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Hannes Reinecke 2023-06-14 12:40:40 UTC 
Denis, can you have a look at comment#10 and apply the patches as needed?
Comment 27 Maintenance Automation 2023-06-22 08:30:06 UTC 
SUSE-SU-2023:2611-1: An update that solves 22 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1184208, 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_33-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Maintenance Automation 2023-06-27 12:30:11 UTC 
SUSE-SU-2023:2653-1: An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
openSUSE Leap 15.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1, kernel-syms-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1, kernel-obs-qa-5.14.21-150400.24.66.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.66.1, kernel-source-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_13-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Maintenance Automation 2023-06-27 12:30:36 UTC 
SUSE-SU-2023:2651-1: An update that solves 22 vulnerabilities and has 10 fixes can now be installed.

Category: security (important)
Bug References: 1172073, 1184208, 1191731, 1199046, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210498, 1210715, 1210783, 1210791, 1210940, 1211037, 1211043, 1211089, 1211105, 1211186, 1211187, 1211260, 1211590, 1211592, 1211596, 1211622, 1211796
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2124, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Enterprise Storage 7 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_37-1-150200.5.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Maintenance Automation 2023-07-04 16:30:14 UTC 
SUSE-SU-2023:2782-1: An update that solves 31 vulnerabilities, contains three features and has 70 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1152472, 1152489, 1160435, 1172073, 1189998, 1191731, 1193629, 1194869, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208050, 1208410, 1208600, 1208604, 1208758, 1209039, 1209287, 1209288, 1209367, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212448, 1212494, 1212504, 1212513, 1212540, 1212561, 1212563, 1212564, 1212584, 1212592
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-21102, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828
Jira References: PED-3692, PED-3931, PED-4022
Sources used:
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_8-1-150400.1.9.2
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Maintenance Automation 2023-07-11 16:30:43 UTC 
SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Maintenance Automation 2023-07-18 16:30:59 UTC 
SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 49 Maintenance Automation 2024-02-27 12:00:40 UTC 
SUSE-SU-2023:2646-1: An update that solves 69 vulnerabilities, contains six features and has 292 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198438, 1198835, 1199304, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204662, 1204993, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207050, 1207088, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209292, 1209367, 1209457, 1209504, 1209532, 1209556, 1209600, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210409, 1210439, 1210449, 1210450, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211140, 1211205, 1211263, 1211280, 1211281, 1211299, 1211387, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158
CVE References: CVE-2022-2196, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-33951, CVE-2023-33952
Jira References: PED-3210, PED-3259, PED-3692, PED-3750, PED-3759, PED-4022
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 57 Hannes Reinecke 2024-07-15 10:50:07 UTC 
The 'fixes' tag is wrong, and the patch is incorrectly marked.
The _actual_ fix the patch is referring to is ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress"), which is not present in SLE12 SP5, and hence doesn't apply.
Please dispute the CVE and get the 'fixes' line updated.
Back to security.