1210506 – (CVE-2023-1998) VUL-0: CVE-2023-1998: kernel: x86/speculation: Allow enabling STIBP with legacy IBRS

Bug 1210506 (CVE-2023-1998) - VUL-0: CVE-2023-1998: kernel: x86/speculation: Allow enabling STIBP with legacy IBRS

Summary: VUL-0: CVE-2023-1998: kernel: x86/speculation: Allow enabling STIBP with lega...

Status:	RESOLVED FIXED

Alias:	CVE-2023-1998

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/363669/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-1998:5.6:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-04-17 09:05 UTC by Robert Frohl
Modified:	2024-06-25 17:36 UTC (History)
CC List:	7 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Frohl 2023-04-17 09:05:26 UTC

CVE-2023-1998: x86/speculation: Allow enabling STIBP with legacy IBRS

CVSS v3 score is not provided.

The vulnerability report said that "The Linux kernel allows userspace
processes to enable mitigations by calling prctl with
PR_SET_SPECULATION_CTRL which disables the speculation feature as well
as by using seccomp. We had noticed that on VMs of at least one major
cloud provider, the kernel still left the victim process exposed to
attacks in some cases even after enabling the spectre-BTI mitigation
with prctl. The same beahaviour can be observed on a bare-metal
machine when forcing the mitigation to IBRS on boot comand line.
This happened because when plain IBRS was enabled (not enhanced IBRS),
the kernel had some logic that determined that STIBP was not needed.
The IBRS bit implicitly protects against cross-thread branch target
injection. However, with legacy IBRS, the IBRS bit was cleared on
returning to userspace, due to performance reasons, which disabled the
implicit STIBP and left userspace threads vulnerable to cross-thread
branch target injection against which STIBP protects.".

This bug was introduced by commit Z7c693f5 ("x86/speculation: Add
spectre_v2=ibrs option to support Kernel IBRS") in 5.19-rc7.
This commit is not backported to 4.4 kernels.

Fixed status
mainline: [6921ed9049bc7457f66c1596c5b78aec0dae4a9d]
stable/4.14: [03bc360ce8896ef53ebcef83cccd9f24d9815160]
stable/4.19: [10543fb3c9b019e45e2045f08f46fdf526add593]
stable/5.10: [abfed855f05863d292de2d0ebab4656791bab9c8]
stable/5.15: [e7f1ddebd9f5b12de40bc37db9243957678f1448]
stable/5.4: [34c1b60e7a80404056c03936dd9c2438da2789d4]
stable/6.1: [08d87c87d6461d16827c9b88d84c48c26b6c994a]
stable/6.2: [ead3c8e54d28fa1d5454b1f8a21b96b4a969b1cb]

Comment 3 Jiri Slaby 2023-04-17 11:11:30 UTC

While 7c693f54c873 is not in cve branches, it ended in:
SLE11-SP3-TD
SLE11-SP4-LTSS
SLE12-SP2-LTSS
SLE12-SP3-LTSS
SLE12-SP3-TD
SLE12-SP4-LTSS
SLE12-SP5
SLE15-LTSS
SLE15-SP1-LTSS
SLE15-SP2-LTSS
SLE15-SP3-LTSS
SLE15-SP4
SLE15-SP5

Comment 4 Jiri Slaby 2023-04-17 11:22:55 UTC

(In reply to Jiri Slaby from comment #3)
> SLE11-SP3-TD
> SLE11-SP4-LTSS
> SLE12-SP2-LTSS
> SLE12-SP3-LTSS
> SLE12-SP3-TD
> SLE12-SP4-LTSS
> SLE12-SP5
> SLE15-SP1-LTSS
> SLE15-SP2-LTSS
> SLE15-SP3-LTSS
> SLE15-SP4

Updated list where to backport -- SLE15-LTSS is not maintained anymore, SLE15-SP5 will inherit from sp4.

Comment 5 Jiri Slaby 2023-04-18 08:25:28 UTC

SLE12-SP3-TD
SLE11-SP4-LTSS
SLE11-SP3-TD
do not have STIBP implementation. They contain only dummy functions from commit 53c613fe63499 (x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation). So they are excluded. The rest pushed:
   fefcdfe2..21b44da8      SLE12-SP3-LTSS -> users/jslaby/SLE12-SP3-LTSS/for-next
   439b0879..82dbdfef      SLE12-SP5 -> users/jslaby/SLE12-SP5/for-next
 * [new branch]            SLE12-SP2-LTSS -> users/jslaby/SLE12-SP2-LTSS/for-next
 * [new branch]            SLE12-SP4-LTSS -> users/jslaby/SLE12-SP4-LTSS/for-next
 * [new branch]            SLE15-SP1-LTSS -> users/jslaby/SLE15-SP1-LTSS/for-next
 * [new branch]            SLE15-SP2-LTSS -> users/jslaby/SLE15-SP2-LTSS/for-next
 * [new branch]            SLE15-SP3-LTSS -> users/jslaby/SLE15-SP3-LTSS/for-next

Comment 24 Maintenance Automation 2023-05-09 16:30:04 UTC

SUSE-SU-2023:2151-1: An update that solves 11 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1205128, 1209613, 1209687, 1209777, 1209871, 1209887, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_40-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1
SUSE CaaS Platform 4.0 (src): kernel-obs-build-4.12.14-150100.197.145.1, kernel-source-4.12.14-150100.197.145.1, kernel-syms-4.12.14-150100.197.145.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Maintenance Automation 2023-05-09 16:30:14 UTC

SUSE-SU-2023:2146-1: An update that solves 15 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1205128, 1206992, 1209613, 1209687, 1209777, 1209871, 1210202, 1210203, 1210301, 1210329, 1210336, 1210337, 1210414, 1210417, 1210453, 1210469, 1210506, 1210629, 1210647
CVE References: CVE-2020-36691, CVE-2022-2196, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1872, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2162, CVE-2023-2176, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_36-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-source-5.3.18-150200.24.151.1, kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1, kernel-syms-5.3.18-150200.24.151.1, kernel-obs-build-5.3.18-150200.24.151.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-source-5.3.18-150200.24.151.1, kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1, kernel-syms-5.3.18-150200.24.151.1, kernel-obs-build-5.3.18-150200.24.151.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-source-5.3.18-150200.24.151.1, kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1, kernel-syms-5.3.18-150200.24.151.1, kernel-obs-build-5.3.18-150200.24.151.1
SUSE Enterprise Storage 7 (src): kernel-source-5.3.18-150200.24.151.1, kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1, kernel-syms-5.3.18-150200.24.151.1, kernel-obs-build-5.3.18-150200.24.151.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Maintenance Automation 2023-05-09 16:30:28 UTC

SUSE-SU-2023:2140-1: An update that solves 13 vulnerabilities, contains two features and has 44 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1155798, 1174777, 1189999, 1194869, 1203039, 1203325, 1204042, 1206649, 1206891, 1206992, 1207088, 1208076, 1208822, 1208845, 1209615, 1209693, 1209739, 1209871, 1209927, 1209999, 1210034, 1210158, 1210202, 1210206, 1210301, 1210329, 1210336, 1210337, 1210439, 1210453, 1210454, 1210469, 1210499, 1210506, 1210629, 1210630, 1210725, 1210729, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210793, 1210816, 1210817, 1210827, 1210943, 1210953, 1210986, 1211025
CVE References: CVE-2022-2196, CVE-2023-0386, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2019, CVE-2023-2176, CVE-2023-2235, CVE-2023-23006, CVE-2023-30772
Jira References: PED-3750, PED-3759
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
openSUSE Leap 15.4 (src): kernel-syms-5.14.21-150400.24.63.1, kernel-obs-build-5.14.21-150400.24.63.1, kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1, kernel-obs-qa-5.14.21-150400.24.63.1, kernel-source-5.14.21-150400.24.63.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.63.1, kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.63.1, kernel-obs-build-5.14.21-150400.24.63.1, kernel-source-5.14.21-150400.24.63.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_12-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Maintenance Automation 2023-05-09 16:30:49 UTC

SUSE-SU-2023:2148-1: An update that solves 16 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1205128, 1206992, 1207088, 1209687, 1209739, 1209777, 1209871, 1210202, 1210203, 1210301, 1210329, 1210336, 1210337, 1210414, 1210453, 1210469, 1210498, 1210506, 1210629, 1210647
CVE References: CVE-2020-36691, CVE-2022-2196, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1872, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_32-1-150300.7.3.2
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.121.1, kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2, kernel-source-5.3.18-150300.59.121.2, kernel-obs-build-5.3.18-150300.59.121.2
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Maintenance Automation 2023-05-09 16:30:57 UTC

SUSE-SU-2023:2147-1: An update that solves 15 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1202353, 1206992, 1207088, 1209687, 1209739, 1209777, 1209871, 1210202, 1210203, 1210301, 1210329, 1210336, 1210337, 1210414, 1210453, 1210469, 1210498, 1210506, 1210629, 1210647
CVE References: CVE-2020-36691, CVE-2022-2196, CVE-2023-1611, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1872, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-30772
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.127.1, kernel-source-rt-5.3.18-150300.127.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Maintenance Automation 2023-05-10 12:30:15 UTC

SUSE-SU-2023:2156-1: An update that solves eight vulnerabilities and has 16 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1174777, 1190544, 1202353, 1207088, 1209342, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827
CVE References: CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.124.1, kernel-syms-rt-4.12.14-10.124.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Maintenance Automation 2023-05-10 20:30:21 UTC

SUSE-SU-2023:2162-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Maintenance Automation 2023-05-11 08:30:14 UTC

SUSE-SU-2023:2163-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_43-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.159.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Maintenance Automation 2023-05-17 12:30:12 UTC

SUSE-SU-2023:2231-1: An update that solves 13 vulnerabilities, contains two features and has 39 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1155798, 1174777, 1189999, 1194869, 1203039, 1203325, 1206649, 1206891, 1206992, 1207088, 1208076, 1208845, 1209615, 1209693, 1209739, 1209871, 1209927, 1209999, 1210034, 1210158, 1210202, 1210206, 1210301, 1210329, 1210336, 1210337, 1210439, 1210453, 1210454, 1210469, 1210506, 1210629, 1210725, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210793, 1210816, 1210817, 1210827, 1210943, 1210953, 1210986, 1211025
CVE References: CVE-2022-2196, CVE-2023-0386, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2008, CVE-2023-2019, CVE-2023-2176, CVE-2023-2235, CVE-2023-23006, CVE-2023-30772
Jira References: PED-3750, PED-3759
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.28.1, kernel-source-rt-5.14.21-150400.15.28.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_7-1-150400.1.5.2
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.28.1, kernel-source-rt-5.14.21-150400.15.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Maintenance Automation 2023-05-17 16:30:13 UTC

SUSE-SU-2023:2232-1: An update that solves 28 vulnerabilities and has 14 fixes can now be installed.

Category: security (important)
Bug References: 1076830, 1194535, 1202353, 1205128, 1207036, 1207125, 1207168, 1207185, 1207795, 1207845, 1208179, 1208333, 1208599, 1208777, 1208837, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209613, 1209687, 1209777, 1209778, 1209845, 1209871, 1209887, 1210124, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647, 1211037
CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772
Sources used:
SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1, drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise High Availability Extension 12 SP4 (src): drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_35-1-6.5.1
SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Maintenance Automation 2023-07-11 08:37:07 UTC

SUSE-SU-2023:2805-1: An update that solves 38 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1126703, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1207036, 1207125, 1207168, 1207795, 1208600, 1208777, 1208837, 1209008, 1209039, 1209052, 1209256, 1209287, 1209289, 1209291, 1209532, 1209549, 1209687, 1209871, 1210329, 1210336, 1210337, 1210498, 1210506, 1210647, 1210715, 1210940, 1211105, 1211186, 1211449, 1212128, 1212129, 1212154, 1212501, 1212842
CVE References: CVE-2017-5753, CVE-2018-20784, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0590, CVE-2023-1077, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1380, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2194, CVE-2023-23454, CVE-2023-23455, CVE-2023-2513, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-3090, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-35824
Sources used:
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.205.1, kernel-source-4.4.121-92.205.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Maintenance Automation 2023-07-11 16:32:03 UTC

SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Maintenance Automation 2023-07-18 16:32:43 UTC

SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 50 Maintenance Automation 2024-02-27 12:01:19 UTC

SUSE-SU-2023:2646-1: An update that solves 69 vulnerabilities, contains six features and has 292 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198438, 1198835, 1199304, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204662, 1204993, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207050, 1207088, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209292, 1209367, 1209457, 1209504, 1209532, 1209556, 1209600, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210409, 1210439, 1210449, 1210450, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211140, 1211205, 1211263, 1211280, 1211281, 1211299, 1211387, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158
CVE References: CVE-2022-2196, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-33951, CVE-2023-33952
Jira References: PED-3210, PED-3259, PED-3692, PED-3750, PED-3759, PED-4022
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 54 Robert Frohl 2024-05-06 12:28:45 UTC

done, closing