1211131 – (CVE-2023-2156) VUL-0: CVE-2023-2156: kernel-source-rt,kernel-source,kernel-source-azure: Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability

Bug 1211131 (CVE-2023-2156) - VUL-0: CVE-2023-2156: kernel-source-rt,kernel-source,kernel-source-azure: Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability

Summary: VUL-0: CVE-2023-2156: kernel-source-rt,kernel-source,kernel-source-azure: Lin...

Status:	RESOLVED FIXED

Alias:	CVE-2023-2156

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/365193/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-2156:7.5:(AV:N...
Keywords:

Depends on:
Blocks:	1211395
	Show dependency tree / graph

Clone This Bug

Reported:	2023-05-05 08:16 UTC by Cathy Hu
Modified:	2024-06-25 17:38 UTC (History)
CC List:	9 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Cathy Hu 2023-05-05 08:16:59 UTC

CVE-2023-2156

This vulnerability allows remote attackers to create a denial-of-service
condition on affected installations of Linux Kernel. Authentication is not
required to exploit this vulnerability.

The specific flaw exists within the handling of the RPL protocol. The issue
results from the lack of proper handling of user-supplied data, which can result
in an assertion failure. An attacker can leverage this vulnerability to create a
denial-of-service condition on the system.

01/26/22 – ZDI reported the vulnerability to the vendor.   02/02/22 – The vendor
acknowledged the report.   08/24/22 – ZDI asked for an update.        08/24/22 –
The vendor asked for additional details about the vulnerability.   09/19/22 –
The vendor states that there is a patch, but the ZDI informed the vendor that
the bug is still triggerable on the latest mainline.   10/05/22 – ZDI provided
additional details.  10/07/22 – The vendor states there is a new patch, but the
ZDI was able to reproduce the vulnerability on the latest mainline.   10/26/22 –
The vendor informed the ZDI that they would continue to investigate. 04/12/23 –
ZDI asked for an update.   04/14/23 – The vendor informed the ZDI that a new
patch would merge into the latest mainline on 04/21/2023.  04/21/23 – The
original finder reports to the vendor that the patch may not work, and it was
confirmed by the ZDI that the vulnerability is reproducible on the latest
mainline. 05/02/23 – The ZDI informed the vendor that the case will be published
as a zero-day advisory on 05/04/23, and in coordination with Red Hat this
vulnerability will be assigned CVE-2023-2156.

-- Mitigation: Given the nature of the vulnerability, the only salient
mitigation strategy is to restrict interaction with the application.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2156
https://www.zerodayinitiative.com/advisories/ZDI-23-547/

Comment 4 Thomas Leroy 2023-06-05 11:50:28 UTC

Any news Michal?

Comment 5 Michal Kubeček 2023-06-05 19:22:46 UTC

Based on the description, it should be like this:

  introduced      8610c7c6e3bd    5.7-rc1
  fixed           4e006c7a6dac    6.3

The fix has been merged into all relevant branches now:

  stable          6.3
  SLE15-SP4       c308d834c6e6 (merged)
  SLE15-SP3-LTSS  884cd150671d (merged)

SLE15-SP3-LTSS is the only 5.3 based (or pre-5.14) branch with commit
8610c7c6e3bd so I submitted the fix directly to it rather than
via cve/linux-5.3.

Reassigning back to security team.

Comment 13 Maintenance Automation 2023-06-13 16:30:10 UTC

SUSE-SU-2023:2502-1: An update that solves 21 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.130.1, kernel-source-rt-5.3.18-150300.130.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Maintenance Automation 2023-06-13 16:30:41 UTC

SUSE-SU-2023:2500-1: An update that solves 23 vulnerabilities, contains 14 features and has 52 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210566, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211187, 1211205, 1211260, 1211263, 1211280, 1211281, 1211395, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211819, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Maintenance Automation 2023-06-22 08:30:10 UTC

SUSE-SU-2023:2611-1: An update that solves 22 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1184208, 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_33-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Maintenance Automation 2023-06-27 12:30:19 UTC

SUSE-SU-2023:2653-1: An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
openSUSE Leap 15.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1, kernel-syms-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1, kernel-obs-qa-5.14.21-150400.24.66.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.66.1, kernel-source-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_13-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Maintenance Automation 2023-07-04 16:30:25 UTC

SUSE-SU-2023:2782-1: An update that solves 31 vulnerabilities, contains three features and has 70 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1152472, 1152489, 1160435, 1172073, 1189998, 1191731, 1193629, 1194869, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208050, 1208410, 1208600, 1208604, 1208758, 1209039, 1209287, 1209288, 1209367, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212448, 1212494, 1212504, 1212513, 1212540, 1212561, 1212563, 1212564, 1212584, 1212592
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-21102, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828
Jira References: PED-3692, PED-3931, PED-4022
Sources used:
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_8-1-150400.1.9.2
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Marcos de Souza 2023-07-11 04:29:24 UTC

While checking the current upstream, the reproducer didn't crash the kernel. After searching for commits related to RPL, I found this one[1]:

From a2f4c143d76b1a47c91ef9bc46907116b111da0b Mon Sep 17 00:00:00 2001
From: Kuniyuki Iwashima <kuniyu@amazon.com>
Date: Mon, 5 Jun 2023 11:06:17 -0700
Subject: [PATCH] ipv6: rpl: Fix Route of Death.

When running the reproducer with this commit on top of the one that was already mentioned[2] in the comment 2 the crash doesn't happening anymore.

Michal Kubecek, what do you think? Should we also backport this commit[1]?

[1]: https://github.com/torvalds/linux/commit/a2f4c143d76b1a47c91ef9bc46907116b111da0b.patch
[2]: https://github.com/torvalds/linux/commit/4e006c7a6dac0ead4c1bf606000aa90a372fc253

Comment 33 Maintenance Automation 2023-07-11 16:32:13 UTC

SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Marcos de Souza 2023-07-18 01:15:34 UTC

(In reply to Marcos de Souza from comment #31)
> While checking the current upstream, the reproducer didn't crash the kernel.
> After searching for commits related to RPL, I found this one[1]:
> 
> From a2f4c143d76b1a47c91ef9bc46907116b111da0b Mon Sep 17 00:00:00 2001
> From: Kuniyuki Iwashima <kuniyu@amazon.com>
> Date: Mon, 5 Jun 2023 11:06:17 -0700
> Subject: [PATCH] ipv6: rpl: Fix Route of Death.
> 
> When running the reproducer with this commit on top of the one that was
> already mentioned[2] in the comment 2 the crash doesn't happening anymore.
> 
> Michal Kubecek, what do you think? Should we also backport this commit[1]?
> 
> 
> [1]:
> https://github.com/torvalds/linux/commit/
> a2f4c143d76b1a47c91ef9bc46907116b111da0b.patch
> [2]:
> https://github.com/torvalds/linux/commit/
> 4e006c7a6dac0ead4c1bf606000aa90a372fc253

Humble ping

Comment 35 Maintenance Automation 2023-07-18 16:32:54 UTC

SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Marcos de Souza 2023-07-27 13:06:54 UTC

(In reply to Marcos de Souza from comment #34)
> (In reply to Marcos de Souza from comment #31)
> > While checking the current upstream, the reproducer didn't crash the kernel.
> > After searching for commits related to RPL, I found this one[1]:
> > 
> > From a2f4c143d76b1a47c91ef9bc46907116b111da0b Mon Sep 17 00:00:00 2001
> > From: Kuniyuki Iwashima <kuniyu@amazon.com>
> > Date: Mon, 5 Jun 2023 11:06:17 -0700
> > Subject: [PATCH] ipv6: rpl: Fix Route of Death.
> > 
> > When running the reproducer with this commit on top of the one that was
> > already mentioned[2] in the comment 2 the crash doesn't happening anymore.
> > 
> > Michal Kubecek, what do you think? Should we also backport this commit[1]?
> > 
> > 
> > [1]:
> > https://github.com/torvalds/linux/commit/
> > a2f4c143d76b1a47c91ef9bc46907116b111da0b.patch
> > [2]:
> > https://github.com/torvalds/linux/commit/
> > 4e006c7a6dac0ead4c1bf606000aa90a372fc253
> 
> Humble ping

Humble ping v2

Comment 38 Michal Kubeček 2023-07-30 18:23:06 UTC

(In reply to Marcos de Souza from comment #31)
> While checking the current upstream, the reproducer didn't crash the kernel.
> After searching for commits related to RPL, I found this one[1]:
> 
> From a2f4c143d76b1a47c91ef9bc46907116b111da0b Mon Sep 17 00:00:00 2001
> From: Kuniyuki Iwashima <kuniyu@amazon.com>
> Date: Mon, 5 Jun 2023 11:06:17 -0700
> Subject: [PATCH] ipv6: rpl: Fix Route of Death.
> 
> When running the reproducer with this commit on top of the one that was
> already mentioned[2] in the comment 2 the crash doesn't happening anymore.
> 
> Michal Kubecek, what do you think? Should we also backport this commit[1]?
> 
> 
> [1]:
> https://github.com/torvalds/linux/commit/
> a2f4c143d76b1a47c91ef9bc46907116b111da0b.patch
> [2]:
> https://github.com/torvalds/linux/commit/
> 4e006c7a6dac0ead4c1bf606000aa90a372fc253

The CVE description is too vague and lacks details (quite common problem
recently, unfortunately) so that one can only guess what exactly is supposed
to be the fix for it. In this case, the commit message explicitly mentions
the CVE id so it should be related, I suppose.

Comment 59 Hannes Reinecke 2023-08-10 06:39:41 UTC

Denis, can you check the patch?

Comment 60 Michal Kubeček 2023-08-10 06:54:55 UTC

I'm sorry, I forgot to update the bug. Both commits discussed here, i.e.

  4e006c7a6dac  net: rpl: fix rpl header size calculation
  a2f4c143d76b  ipv6: rpl: Fix Route of Death.

are now merged into both SLE15-SP4 and SLE15-SP3-LTSS (and also SLE15-SP5).

Comment 64 Maintenance Automation 2023-08-14 08:30:10 UTC

SUSE-SU-2023:3302-1: An update that solves 28 vulnerabilities, contains two features and has 115 fixes can now be installed.

Category: security (important)
Bug References: 1150305, 1187829, 1193629, 1194869, 1206418, 1207129, 1207894, 1207948, 1208788, 1210335, 1210565, 1210584, 1210627, 1210780, 1210825, 1210853, 1211014, 1211131, 1211243, 1211738, 1211811, 1211867, 1212051, 1212256, 1212265, 1212301, 1212445, 1212456, 1212502, 1212525, 1212603, 1212604, 1212685, 1212766, 1212835, 1212838, 1212842, 1212846, 1212848, 1212861, 1212869, 1212892, 1212901, 1212905, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213059, 1213061, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134, 1213167, 1213205, 1213206, 1213226, 1213233, 1213245, 1213247, 1213252, 1213258, 1213259, 1213263, 1213264, 1213272, 1213286, 1213287, 1213304, 1213417, 1213493, 1213523, 1213524, 1213533, 1213543, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213705, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-1829, CVE-2023-20569, CVE-2023-20593, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-2430, CVE-2023-2985, CVE-2023-3090, CVE-2023-31083, CVE-2023-3111, CVE-2023-3117, CVE-2023-31248, CVE-2023-3212, CVE-2023-3268, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Jira References: PED-4718, PED-4758
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_3-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.11.1, kernel-source-rt-5.14.21-150500.13.11.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_3-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.11.1, kernel-source-rt-5.14.21-150500.13.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 65 Maintenance Automation 2023-08-14 16:30:14 UTC

SUSE-SU-2023:3313-1: An update that solves 13 vulnerabilities and has 20 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1210627, 1210780, 1211131, 1211738, 1212502, 1212604, 1212901, 1213167, 1213272, 1213287, 1213304, 1213585, 1213586, 1213588, 1213620, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213842, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-4004
Sources used:
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3, kernel-source-5.14.21-150400.24.81.1
Development Tools Module 15-SP4 (src): kernel-source-5.14.21-150400.24.81.1, kernel-syms-5.14.21-150400.24.81.1, kernel-obs-build-5.14.21-150400.24.81.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_16-1-150400.9.3.3
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.81.1, kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3, kernel-syms-5.14.21-150400.24.81.1, kernel-source-5.14.21-150400.24.81.1, kernel-obs-build-5.14.21-150400.24.81.1, kernel-livepatch-SLE15-SP4_Update_16-1-150400.9.3.3
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
openSUSE Leap Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 66 Maintenance Automation 2023-08-14 16:30:29 UTC

SUSE-SU-2023:3311-1: An update that solves 15 vulnerabilities and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1207948, 1210627, 1210780, 1210825, 1211131, 1211738, 1211811, 1212445, 1212502, 1212604, 1212766, 1212901, 1213167, 1213272, 1213287, 1213304, 1213417, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-5.14.21-150500.55.19.1, kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4, kernel-livepatch-SLE15-SP5_Update_3-1-150500.11.3.4, kernel-source-5.14.21-150500.55.19.1, kernel-obs-qa-5.14.21-150500.55.19.1, kernel-obs-build-5.14.21-150500.55.19.1
Basesystem Module 15-SP5 (src): kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4, kernel-source-5.14.21-150500.55.19.1
Development Tools Module 15-SP5 (src): kernel-obs-build-5.14.21-150500.55.19.1, kernel-syms-5.14.21-150500.55.19.1, kernel-source-5.14.21-150500.55.19.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_3-1-150500.11.3.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 67 Maintenance Automation 2023-08-15 12:30:09 UTC

SUSE-SU-2023:3318-1: An update that solves 20 vulnerabilities and has 89 fixes can now be installed.

Category: security (important)
Bug References: 1150305, 1193629, 1194869, 1206418, 1207129, 1207894, 1208788, 1210565, 1210584, 1210627, 1210780, 1210853, 1211131, 1211243, 1211738, 1211811, 1211867, 1212301, 1212502, 1212604, 1212846, 1212901, 1212905, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213059, 1213061, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213134, 1213167, 1213245, 1213247, 1213252, 1213258, 1213259, 1213263, 1213264, 1213272, 1213286, 1213287, 1213304, 1213523, 1213524, 1213543, 1213585, 1213586, 1213588, 1213620, 1213653, 1213705, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-20593, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-2985, CVE-2023-31083, CVE-2023-3117, CVE-2023-31248, CVE-2023-3268, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812, CVE-2023-4004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.46.1, kernel-source-rt-5.14.21-150400.15.46.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_11-1-150400.1.5.1
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.46.1, kernel-source-rt-5.14.21-150400.15.46.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 68 Maintenance Automation 2023-08-22 16:30:03 UTC

SUSE-SU-2023:3376-1: An update that solves 15 vulnerabilities and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1207948, 1210627, 1210780, 1210825, 1211131, 1211738, 1211811, 1212445, 1212502, 1212604, 1212766, 1212901, 1213167, 1213272, 1213287, 1213304, 1213417, 1213578, 1213585, 1213586, 1213588, 1213601, 1213620, 1213632, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871, 1213872
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-38409, CVE-2023-3863, CVE-2023-4004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-azure-5.14.21-150500.33.14.1, kernel-source-azure-5.14.21-150500.33.14.1
Public Cloud Module 15-SP5 (src): kernel-syms-azure-5.14.21-150500.33.14.1, kernel-source-azure-5.14.21-150500.33.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 69 Maintenance Automation 2023-08-22 20:30:13 UTC

SUSE-SU-2023:3377-1: An update that solves 11 vulnerabilities and has 19 fixes can now be installed.

Category: security (important)
Bug References: 1206418, 1207129, 1210627, 1210780, 1211131, 1211738, 1212502, 1212604, 1212901, 1213167, 1213272, 1213287, 1213304, 1213588, 1213620, 1213653, 1213713, 1213715, 1213747, 1213756, 1213759, 1213777, 1213810, 1213812, 1213856, 1213857, 1213863, 1213867, 1213870, 1213871
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-21400, CVE-2023-2156, CVE-2023-2166, CVE-2023-31083, CVE-2023-3268, CVE-2023-3567, CVE-2023-3776, CVE-2023-4004
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.63.1, kernel-syms-azure-5.14.21-150400.14.63.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.63.1, kernel-syms-azure-5.14.21-150400.14.63.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 70 Maintenance Automation 2023-08-23 16:30:24 UTC

SUSE-SU-2023:3391-1: An update that solves 15 vulnerabilities, contains one feature and has nine fixes can now be installed.

Category: security (important)
Bug References: 1199304, 1206418, 1207270, 1210584, 1211131, 1211738, 1211867, 1212301, 1212741, 1212835, 1212846, 1213059, 1213061, 1213167, 1213245, 1213286, 1213287, 1213354, 1213543, 1213585, 1213586, 1213588, 1213653, 1213868
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-20593, CVE-2023-2156, CVE-2023-2985, CVE-2023-3117, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812
Jira References: PED-4567
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_35-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.130.1, kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1, kernel-syms-5.3.18-150300.59.130.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.130.1, kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1, kernel-syms-5.3.18-150300.59.130.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-obs-build-5.3.18-150300.59.130.1, kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1, kernel-syms-5.3.18-150300.59.130.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.130.1, kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1, kernel-syms-5.3.18-150300.59.130.1
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1
SUSE Enterprise Storage 7.1 (src): kernel-obs-build-5.3.18-150300.59.130.1, kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1, kernel-source-5.3.18-150300.59.130.1, kernel-syms-5.3.18-150300.59.130.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.130.1.150300.18.76.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 71 Maintenance Automation 2023-08-24 12:30:37 UTC

SUSE-SU-2023:3421-1: An update that solves 15 vulnerabilities, contains one feature and has nine fixes can now be installed.

Category: security (important)
Bug References: 1199304, 1206418, 1207270, 1210584, 1211131, 1211738, 1211867, 1212301, 1212741, 1212835, 1212846, 1213059, 1213061, 1213167, 1213245, 1213286, 1213287, 1213354, 1213543, 1213585, 1213586, 1213588, 1213653, 1213868
CVE References: CVE-2022-40982, CVE-2023-0459, CVE-2023-20569, CVE-2023-20593, CVE-2023-2156, CVE-2023-2985, CVE-2023-3117, CVE-2023-31248, CVE-2023-3390, CVE-2023-35001, CVE-2023-3567, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-3812
Jira References: PED-4567
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 72 Cathy Hu 2023-09-25 12:27:08 UTC

done, closing

Comment 73 Maintenance Automation 2024-02-27 12:01:26 UTC

SUSE-SU-2023:2646-1: An update that solves 69 vulnerabilities, contains six features and has 292 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198438, 1198835, 1199304, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204662, 1204993, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207050, 1207088, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209292, 1209367, 1209457, 1209504, 1209532, 1209556, 1209600, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210409, 1210439, 1210449, 1210450, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211140, 1211205, 1211263, 1211280, 1211281, 1211299, 1211387, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158
CVE References: CVE-2022-2196, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-33951, CVE-2023-33952
Jira References: PED-3210, PED-3259, PED-3692, PED-3750, PED-3759, PED-4022
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.