1206784 – (CVE-2023-1073) VUL-0: CVE-2023-1073: kernel-source: HID: drop assumptions on non-empty lists

Bug 1206784 (CVE-2023-1073) - VUL-0: CVE-2023-1073: kernel-source: HID: drop assumptions on non-empty lists

Summary: VUL-0: CVE-2023-1073: kernel-source: HID: drop assumptions on non-empty lists

Status:	RESOLVED FIXED

Alias:	CVE-2023-1073

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/352501/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-1073:6.3:(AV:P...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-01-02 14:05 UTC by Cathy Hu
Modified:	2024-06-25 17:18 UTC (History)
CC List:	7 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 13 Marcus Meissner 2023-01-19 08:29:36 UTC

oss-sec post:
Date: Tue, 17 Jan 2023 18:05:30 +0100
From: Pietro Borrello <borrello@diag.uniroma1.it>
Subject: [oss-security] Linux Kernel: hid: type confusions on hid report_list entry

Hi all,

We found potential misuses of list_entry() on lists in hid driver
code that are not checked, specifically hid_validate_values() in
drivers/hid/hid-core.c and bigben_probe() in drivers/hid/hid-bigbenff.c.
Issuing a list_entry() on an empty list causes a type confusion making
the list_entry point to the list_head itself.
The most impactful seems the missing check for an empty list in
hid_validate_values() which is supposed to check the validity of the
reports themselves, potentially affecting all the drivers that rely on it.

The problem is caused by the driver's assumption that the device must
have a valid report_list. While this will be true for all normal HID
devices, a suitably malicious device can violate the assumption.

At a first glance, it may seem that the patches have security implications.
However, when plugging a device which provides a descriptor with no output
report, the type confusions will create a fake struct hid_report*
which points to ((struct hid_device *)hid).report_enum[type].report_list.
This, by chance, makes the type confused structure to span
the `struct hid_report* report_id_hash[256]` array in the
((struct hid_device *)hid).report_enum[type] field.

Then, due to their semantics hid_validate_values() will check
(report->maxfield > field_index) on the type-confused report,
and the maxfield field happens to overlap on the
report_id_hash[] array in the report_enum[type] field
which are all NULL since we provided no reports.
Similarly, for bigben_probe(), the confused report entry is
used in the bigben_worker() function which checks
(report->field[0] != NULL) that, again, overlaps with a NULL
pointer.
It seems there is a commit (918aa1ef104d: "HID: bigbenff: prevent
null pointer dereference") which added the check for report_field
being NULL to bigben_worker() to prevent crashing, but without
checking the actual root cause.

Thus, while being type confusions bugs, they are not exploitable.
The list checks should be added also to prevent future exploitability
if the shape of the structure changes (e.g., structure layout
randomization), and they do not overlap anymore with NULL pointers.
In this case, it is not exploitable just by the pure chance of struct
member ordering.

This post has been written in accordance with linux-distros rules to
which we disclosed the initial findings of the potential vulnerabilities.
as even if the bugs seem not exploitable, the wider community on
oss-security might see how the issue does have security relevance.

We submitted patches to fix the issue by checking that the lists
are non-empty before allowing them to be used:
https://lore.kernel.org/all/20230114-hid-fix-emmpty-report-list-v1-0-e4d02fad3ba5@diag.uniroma1.it/T/

Best regards,
Pietro Borrello

Comment 18 Michal Hocko 2023-01-19 14:21:21 UTC

Vasant, could you have a look at these backports please?

Comment 26 Swamp Workflow Management 2023-01-26 14:30:53 UTC

SUSE-SU-2023:0152-1: An update that solves 19 vulnerabilities, contains three features and has 71 fixes is now available.

Category: security (important)
Bug References: 1065729,1151927,1156395,1157049,1190969,1203183,1203693,1203740,1204171,1204250,1204614,1204693,1204760,1204989,1205149,1205256,1205495,1205496,1205601,1205695,1206073,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206344,1206389,1206393,1206394,1206395,1206397,1206398,1206399,1206515,1206602,1206634,1206635,1206636,1206637,1206640,1206641,1206642,1206643,1206644,1206645,1206646,1206647,1206648,1206649,1206663,1206664,1206784,1206841,1206854,1206855,1206857,1206858,1206859,1206860,1206873,1206875,1206876,1206877,1206878,1206880,1206881,1206882,1206883,1206884,1206885,1206886,1206887,1206888,1206889,1206890,1206891,1206893,1206896,1206904,1207036,1207125,1207134,1207186,1207198,1207218,1207237
CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455
JIRA References: PED-1445,PED-1706,PED-568
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.109.1
SUSE Manager Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Manager Retail Branch Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Manager Proxy 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server for SAP 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Linux Enterprise Realtime Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-livepatch-SLE15-SP3_Update_28-1-150300.7.3.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1
SUSE Enterprise Storage 7.1 (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Marcus Meissner 2023-02-09 16:16:54 UTC

exploitability is not clear, seem to say no?

If yes, is it denial of service or is there code execution possibility?

On USB devices as HID, DOS is not classified CVE worthy (you can just plugin 220v into USB instead.), only code execution would be CVE worthy.

Comment 43 Swamp Workflow Management 2023-02-13 14:22:02 UTC

SUSE-SU-2023:0394-1: An update that solves 5 vulnerabilities, contains two features and has 41 fixes is now available.

Category: security (important)
Bug References: 1185861,1185863,1186449,1191256,1192868,1193629,1194869,1195175,1195655,1196058,1199701,1204063,1204356,1204662,1205495,1206006,1206036,1206056,1206057,1206258,1206363,1206459,1206616,1206677,1206784,1207010,1207034,1207134,1207149,1207158,1207184,1207186,1207190,1207237,1207263,1207269,1207497,1207500,1207501,1207506,1207507,1207734,1207769,1207842,1207878,1207933
CVE References: CVE-2020-24588,CVE-2022-4382,CVE-2022-47929,CVE-2023-0179,CVE-2023-0266
JIRA References: SLE-21132,SLE-24682
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.34.1, kernel-source-azure-5.14.21-150400.14.34.1, kernel-syms-azure-5.14.21-150400.14.34.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.34.1, kernel-source-azure-5.14.21-150400.14.34.1, kernel-syms-azure-5.14.21-150400.14.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 44 Swamp Workflow Management 2023-02-14 17:22:23 UTC

SUSE-SU-2023:0406-1: An update that solves 16 vulnerabilities, contains one feature and has 14 fixes is now available.

Category: security (important)
Bug References: 1203183,1203693,1203740,1204171,1204614,1204760,1205149,1206073,1206113,1206114,1206314,1206389,1206393,1206395,1206398,1206399,1206515,1206664,1206677,1206784,1207036,1207125,1207134,1207186,1207188,1207189,1207190,1207237,1207769,1207823
CVE References: CVE-2022-3105,CVE-2022-3107,CVE-2022-3108,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455
JIRA References: PED-1706
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-livepatch-SLE15-SP2_Update_33-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 45 Swamp Workflow Management 2023-02-14 17:24:31 UTC

SUSE-SU-2023:0407-1: An update that solves four vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1203693,1205149,1206073,1206664,1206677,1206784,1207036,1207186,1207237
CVE References: CVE-2022-3564,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.117.1, kgraft-patch-SLE12-SP4_Update_33-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.117.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Swamp Workflow Management 2023-02-14 20:24:59 UTC

SUSE-SU-2023:0410-1: An update that solves 6 vulnerabilities, contains one feature and has 5 fixes is now available.

Category: security (important)
Bug References: 1203693,1205149,1206073,1206389,1206395,1206664,1206677,1206784,1207036,1207186,1207237
CVE References: CVE-2022-3107,CVE-2022-3108,CVE-2022-3564,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454
JIRA References: PED-1706
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.134.1, kernel-default-4.12.14-150100.197.134.1, kernel-kvmsmall-4.12.14-150100.197.134.1, kernel-vanilla-4.12.14-150100.197.134.1, kernel-zfcpdump-4.12.14-150100.197.134.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1, kernel-zfcpdump-4.12.14-150100.197.134.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.134.1, kernel-livepatch-SLE15-SP1_Update_37-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.134.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2023-02-15 14:30:49 UTC

SUSE-SU-2023:0420-1: An update that solves 9 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1108488,1205705,1205709,1206073,1206113,1206664,1206677,1206784,1207036,1207125,1207186,1207237
CVE References: CVE-2018-9517,CVE-2022-3564,CVE-2022-3643,CVE-2022-42895,CVE-2022-42896,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454,CVE-2023-23455
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.199.1, kernel-source-4.4.121-92.199.1, kernel-syms-4.4.121-92.199.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Swamp Workflow Management 2023-02-16 11:26:25 UTC

SUSE-SU-2023:0433-1: An update that solves 9 vulnerabilities, contains two features and has 42 fixes is now available.

Category: security (important)
Bug References: 1065729,1185861,1185863,1186449,1191256,1192868,1193629,1194869,1195175,1195655,1196058,1199701,1204063,1204356,1204662,1205495,1206006,1206036,1206056,1206057,1206258,1206363,1206459,1206616,1206677,1206784,1207010,1207034,1207036,1207050,1207125,1207134,1207149,1207158,1207184,1207186,1207190,1207237,1207263,1207269,1207497,1207500,1207501,1207506,1207507,1207734,1207769,1207795,1207842,1207878,1207933
CVE References: CVE-2020-24588,CVE-2022-4382,CVE-2022-47929,CVE-2023-0122,CVE-2023-0179,CVE-2023-0266,CVE-2023-0590,CVE-2023-23454,CVE-2023-23455
JIRA References: SLE-21132,SLE-24682
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.46.1, kernel-64kb-5.14.21-150400.24.46.1, kernel-debug-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-docs-5.14.21-150400.24.46.2, kernel-kvmsmall-5.14.21-150400.24.46.1, kernel-obs-build-5.14.21-150400.24.46.1, kernel-obs-qa-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.46.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.46.1, kernel-livepatch-SLE15-SP4_Update_8-1-150400.9.3.3
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.46.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.46.2, kernel-obs-build-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-source-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.46.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 52 Maintenance Automation 2023-02-23 12:30:07 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 53 Maintenance Automation 2023-02-23 12:31:16 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 54 Maintenance Automation 2023-02-23 12:32:26 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 55 Maintenance Automation 2023-02-23 12:33:37 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 56 Maintenance Automation 2023-02-23 12:34:46 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 57 Maintenance Automation 2023-02-23 12:35:57 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 58 Maintenance Automation 2023-02-23 12:37:06 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 59 Maintenance Automation 2023-02-23 12:38:16 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 60 Maintenance Automation 2023-02-23 12:39:26 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 61 Maintenance Automation 2023-02-23 12:40:37 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 62 Maintenance Automation 2023-02-23 12:41:47 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 63 Maintenance Automation 2023-02-23 12:45:50 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 64 Maintenance Automation 2023-02-23 12:47:00 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 65 Maintenance Automation 2023-02-23 12:48:10 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 66 Maintenance Automation 2023-02-23 12:49:20 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 67 Maintenance Automation 2023-02-23 12:50:30 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 68 Maintenance Automation 2023-02-23 12:51:40 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 69 Maintenance Automation 2023-02-23 12:52:50 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 70 Maintenance Automation 2023-02-23 12:54:00 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 71 Maintenance Automation 2023-02-23 12:55:11 UTC

SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429
CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455
Jira References: PED-3210, SLE-21132
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 72 Maintenance Automation 2023-02-23 20:30:46 UTC

SUSE-SU-2023:0485-1: An update that solves six vulnerabilities, contains two features and has 53 fixes can now be installed.

Category: security (important)
Bug References: 1175995, 1186449, 1198971, 1202712, 1202713, 1203332, 1203693, 1204356, 1204514, 1204662, 1205149, 1205397, 1205495, 1206602, 1206635, 1206640, 1206641, 1206642, 1206643, 1206645, 1206646, 1206648, 1206649, 1206677, 1206698, 1206784, 1206855, 1206858, 1206873, 1206876, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206885, 1206887, 1206888, 1206890, 1207036, 1207092, 1207093, 1207094, 1207097, 1207102, 1207103, 1207104, 1207107, 1207108, 1207134, 1207168, 1207186, 1207195, 1207237, 1207773, 1207795, 1207875, 1208108
CVE References: CVE-2022-36280, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454
Jira References: PED-1706, SLE-15608
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.115.1, kernel-syms-rt-4.12.14-10.115.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 76 Maintenance Automation 2023-03-06 12:30:33 UTC

SUSE-SU-2023:0618-1: An update that solves 10 vulnerabilities, contains three features and has 28 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1175995, 1198971, 1202712, 1203200, 1203740, 1204250, 1204514, 1205149, 1205397, 1205495, 1206073, 1206640, 1206648, 1206784, 1206855, 1206858, 1206873, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206887, 1206896, 1207092, 1207093, 1207094, 1207097, 1207102, 1207186, 1207195, 1207201, 1207237, 1208108, 1208541, 1208570
CVE References: CVE-2022-3107, CVE-2022-3108, CVE-2022-3564, CVE-2022-36280, CVE-2022-4662, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454
Jira References: PED-1706, PED-568, SLE-15608
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.124.1, kernel-syms-azure-4.12.14-16.124.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.124.1, kernel-syms-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.124.1, kernel-syms-azure-4.12.14-16.124.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 77 Maintenance Automation 2023-03-07 12:30:35 UTC

SUSE-SU-2023:0634-1: An update that solves nine vulnerabilities, contains two features and has 56 fixes can now be installed.

Category: security (important)
Bug References: 1068032, 1175995, 1186449, 1194535, 1198971, 1201420, 1202195, 1202712, 1202713, 1203200, 1203332, 1203693, 1204356, 1204514, 1204662, 1205149, 1205397, 1205495, 1206602, 1206635, 1206640, 1206641, 1206642, 1206643, 1206645, 1206646, 1206648, 1206649, 1206664, 1206677, 1206698, 1206784, 1206855, 1206858, 1206873, 1206876, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206885, 1206887, 1206888, 1206890, 1207092, 1207093, 1207094, 1207097, 1207102, 1207103, 1207104, 1207107, 1207108, 1207134, 1207186, 1207201, 1207237, 1207773, 1207795, 1207875, 1208108, 1208541, 1208570
CVE References: CVE-2017-5754, CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-4662, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590
Jira References: PED-1706, SLE-15608
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_40-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.150.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-4.12.14-122.150.1, kernel-syms-4.12.14-122.150.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 80 Maintenance Automation 2023-03-16 20:31:35 UTC

SUSE-SU-2023:0779-1: An update that solves 21 vulnerabilities and has 12 fixes can now be installed.

Category: security (important)
Bug References: 1186449, 1203331, 1203332, 1203693, 1204502, 1204760, 1205149, 1206351, 1206677, 1206784, 1207034, 1207051, 1207134, 1207186, 1207237, 1207497, 1207508, 1207560, 1207773, 1207795, 1207845, 1207875, 1207878, 1208212, 1208599, 1208700, 1208741, 1208776, 1208816, 1208837, 1208845, 1208971, 1209008
CVE References: CVE-2022-3606, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1195, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23006, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.121.1, kernel-source-rt-5.3.18-150300.121.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 83 Cathy Hu 2023-09-25 10:12:16 UTC

done, closing