Bugzilla – Bug 1207036
VUL-0: CVE-2023-23454: kernel: type-confusion in the CBQ network scheduler
Last modified: 2024-06-25 17:20:28 UTC
From oss-sec: Hi there, I recently found a type-confusion vulnerability in the Linux kernel. Since it interprets random data as pointers, it is potentially exploitable. According to the fix commit, this bug was introduced in Linux-2.6.12-rc2 in 2005. I already contacted security () kernel org and helped them patch the vulnerability. # Vulnerability The vulnerability is caused by accessing classification results before checking the classification return code in the network scheduler's code. For example, in the following snippet from `cbq_classify`: ~~~ struct cbq_class *cl; ...... result = tcf_classify(skb, fl, &res, true); if (!fl || result < 0) goto fallback; cl = (void *)res.class; ~~~ It checks `result < 0` before casting `res.class` to `struct cbq_class *`. However, `result >= 0` does not ensure `res.class` contains valid results. Specifically, it is possible `result` itself says the packet is invalid and should be dropped (`TC_ACT_SHOT`) while at the same time res.class contains invalid data because res.class is a huge union attribute and can be used for other purposes before it is marked as `TC_ACT_SHOT`. As a result, it is a type confusion between `struct cbq_class` and whatever struct that res.class was used as before it is returned. # Patch Two schedulers have the same vulnerable code patterns and the fixes can be found https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 and https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b This vulnerability does not have a CVE assigned. I'll appreciate it if anyone on the mailing list can give it a CVE to signify its security implications. Best, Kyle Zeng
Commit introducing the type confusion introduced in 2.6, and ATM and CBQ net schedulers enabled in all maintained branches, so they're all affected: - cve/linux-3.0 - cve/linux-4.4 - cve/linux-4.12 - cve/linux-5.3 - SLE15-SP4 - stable
SUSE-SU-2023:0145-1: An update that solves 5 vulnerabilities, contains one feature and has 7 fixes is now available. Category: security (important) Bug References: 1065729,1203740,1204250,1205695,1206073,1206344,1206389,1206395,1206664,1207036,1207168,1207195 CVE References: CVE-2022-3107,CVE-2022-3108,CVE-2022-3564,CVE-2022-4662,CVE-2023-23454 JIRA References: PED-568 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): kernel-default-4.12.14-122.147.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): kernel-docs-4.12.14-122.147.1, kernel-obs-build-4.12.14-122.147.1 SUSE Linux Enterprise Server 12-SP5 (src): kernel-default-4.12.14-122.147.1, kernel-source-4.12.14-122.147.1, kernel-syms-4.12.14-122.147.1 SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.147.1, kgraft-patch-SLE12-SP5_Update_39-1-8.3.1 SUSE Linux Enterprise High Availability 12-SP5 (src): kernel-default-4.12.14-122.147.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0152-1: An update that solves 19 vulnerabilities, contains three features and has 71 fixes is now available. Category: security (important) Bug References: 1065729,1151927,1156395,1157049,1190969,1203183,1203693,1203740,1204171,1204250,1204614,1204693,1204760,1204989,1205149,1205256,1205495,1205496,1205601,1205695,1206073,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206344,1206389,1206393,1206394,1206395,1206397,1206398,1206399,1206515,1206602,1206634,1206635,1206636,1206637,1206640,1206641,1206642,1206643,1206644,1206645,1206646,1206647,1206648,1206649,1206663,1206664,1206784,1206841,1206854,1206855,1206857,1206858,1206859,1206860,1206873,1206875,1206876,1206877,1206878,1206880,1206881,1206882,1206883,1206884,1206885,1206886,1206887,1206888,1206889,1206890,1206891,1206893,1206896,1206904,1207036,1207125,1207134,1207186,1207198,1207218,1207237 CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455 JIRA References: PED-1445,PED-1706,PED-568 Sources used: openSUSE Leap Micro 5.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 openSUSE Leap 15.4 (src): dtb-aarch64-5.3.18-150300.59.109.1 SUSE Manager Server 4.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1 SUSE Manager Retail Branch Server 4.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1 SUSE Manager Proxy 4.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1 SUSE Linux Enterprise Server for SAP 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise Server 15-SP3-LTSS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1 SUSE Linux Enterprise Realtime Extension 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-livepatch-SLE15-SP3_Update_28-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1 SUSE Enterprise Storage 7.1 (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This bug seems to approach a good date for CVE SLA fulfillment [1]. Denis, what is its status, please? Namely these seem missing: - SLE15-SP4 - cve/linux-4.4 - cve/linux-3.0 - SLE15-SP5-GA - (stable) . [1] https://confluence.suse.com/display/KSS/Kernel+Security+Sentinel
(In reply to Michal Koutný from comment #13) > This bug seems to approach a good date for CVE SLA fulfillment [1]. > > Denis, what is its status, please? Namely these seem missing: > - SLE15-SP4 > - cve/linux-4.4 > - cve/linux-3.0 > - SLE15-SP5-GA > - (stable) > . > > [1] https://confluence.suse.com/display/KSS/Kernel+Security+Sentinel SLE15-SP5-GA already has the pacthes. Pushed to: - SLE15-SP4 - cve/linux-4.4 - cve/linux-3.0
> SLE15-SP5-GA already has the pacthes Ah, I missed that. Could you please refresh References: with the CVE to calm ours and customers' tools? ;-)
(In reply to Michal Koutný from comment #16) > > SLE15-SP5-GA already has the pacthes > > Ah, I missed that. > Could you please refresh References: with the CVE to calm ours and > customers' tools? ;-) pushed. Thanks!
Upstream commit caa4b35b4317 ("net: sched: cbq: dont intepret cls results when asked to drop") looks bogus to me: it removes a switch case branch where the preceeding one used to fallthrough into. Denis, could you have a look and check whether or not this is a potential problem?
SUSE-SU-2023:0406-1: An update that solves 16 vulnerabilities, contains one feature and has 14 fixes is now available. Category: security (important) Bug References: 1203183,1203693,1203740,1204171,1204614,1204760,1205149,1206073,1206113,1206114,1206314,1206389,1206393,1206395,1206398,1206399,1206515,1206664,1206677,1206784,1207036,1207125,1207134,1207186,1207188,1207189,1207190,1207237,1207769,1207823 CVE References: CVE-2022-3105,CVE-2022-3107,CVE-2022-3108,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455 JIRA References: PED-1706 Sources used: SUSE Linux Enterprise Server for SAP 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1, kernel-livepatch-SLE15-SP2_Update_33-1-150200.5.3.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1 SUSE Enterprise Storage 7 (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0407-1: An update that solves four vulnerabilities and has 5 fixes is now available. Category: security (important) Bug References: 1203693,1205149,1206073,1206664,1206677,1206784,1207036,1207186,1207237 CVE References: CVE-2022-3564,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1 SUSE OpenStack Cloud 9 (src): kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): kernel-default-4.12.14-95.117.1, kernel-source-4.12.14-95.117.1, kernel-syms-4.12.14-95.117.1 SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.117.1, kgraft-patch-SLE12-SP4_Update_33-1-6.3.1 SUSE Linux Enterprise High Availability 12-SP4 (src): kernel-default-4.12.14-95.117.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0410-1: An update that solves 6 vulnerabilities, contains one feature and has 5 fixes is now available. Category: security (important) Bug References: 1203693,1205149,1206073,1206389,1206395,1206664,1206677,1206784,1207036,1207186,1207237 CVE References: CVE-2022-3107,CVE-2022-3108,CVE-2022-3564,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454 JIRA References: PED-1706 Sources used: openSUSE Leap 15.4 (src): kernel-debug-4.12.14-150100.197.134.1, kernel-default-4.12.14-150100.197.134.1, kernel-kvmsmall-4.12.14-150100.197.134.1, kernel-vanilla-4.12.14-150100.197.134.1, kernel-zfcpdump-4.12.14-150100.197.134.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1, kernel-zfcpdump-4.12.14-150100.197.134.1 SUSE Linux Enterprise Module for Live Patching 15-SP1 (src): kernel-default-4.12.14-150100.197.134.1, kernel-livepatch-SLE15-SP1_Update_37-1-150100.3.3.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1 SUSE Linux Enterprise High Availability 15-SP1 (src): kernel-default-4.12.14-150100.197.134.1 SUSE CaaS Platform 4.0 (src): kernel-default-4.12.14-150100.197.134.1, kernel-docs-4.12.14-150100.197.134.1, kernel-obs-build-4.12.14-150100.197.134.1, kernel-source-4.12.14-150100.197.134.1, kernel-syms-4.12.14-150100.197.134.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0420-1: An update that solves 9 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1108488,1205705,1205709,1206073,1206113,1206664,1206677,1206784,1207036,1207125,1207186,1207237 CVE References: CVE-2018-9517,CVE-2022-3564,CVE-2022-3643,CVE-2022-42895,CVE-2022-42896,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454,CVE-2023-23455 JIRA References: Sources used: SUSE Linux Enterprise Server 12-SP2-BCL (src): kernel-default-4.4.121-92.199.1, kernel-source-4.4.121-92.199.1, kernel-syms-4.4.121-92.199.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0433-1: An update that solves 9 vulnerabilities, contains two features and has 42 fixes is now available. Category: security (important) Bug References: 1065729,1185861,1185863,1186449,1191256,1192868,1193629,1194869,1195175,1195655,1196058,1199701,1204063,1204356,1204662,1205495,1206006,1206036,1206056,1206057,1206258,1206363,1206459,1206616,1206677,1206784,1207010,1207034,1207036,1207050,1207125,1207134,1207149,1207158,1207184,1207186,1207190,1207237,1207263,1207269,1207497,1207500,1207501,1207506,1207507,1207734,1207769,1207795,1207842,1207878,1207933 CVE References: CVE-2020-24588,CVE-2022-4382,CVE-2022-47929,CVE-2023-0122,CVE-2023-0179,CVE-2023-0266,CVE-2023-0590,CVE-2023-23454,CVE-2023-23455 JIRA References: SLE-21132,SLE-24682 Sources used: openSUSE Leap Micro 5.3 (src): kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3 openSUSE Leap 15.4 (src): dtb-aarch64-5.14.21-150400.24.46.1, kernel-64kb-5.14.21-150400.24.46.1, kernel-debug-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-docs-5.14.21-150400.24.46.2, kernel-kvmsmall-5.14.21-150400.24.46.1, kernel-obs-build-5.14.21-150400.24.46.1, kernel-obs-qa-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1 SUSE Linux Enterprise Workstation Extension 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1, kernel-livepatch-SLE15-SP4_Update_8-1-150400.9.3.3 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): kernel-docs-5.14.21-150400.24.46.2, kernel-obs-build-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): kernel-64kb-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-source-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1 SUSE Linux Enterprise Micro 5.3 (src): kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3 SUSE Linux Enterprise High Availability 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed. Category: security (important) Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429 CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455 Jira References: PED-3210, SLE-21132 Sources used: openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1 SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1 SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0485-1: An update that solves six vulnerabilities, contains two features and has 53 fixes can now be installed. Category: security (important) Bug References: 1175995, 1186449, 1198971, 1202712, 1202713, 1203332, 1203693, 1204356, 1204514, 1204662, 1205149, 1205397, 1205495, 1206602, 1206635, 1206640, 1206641, 1206642, 1206643, 1206645, 1206646, 1206648, 1206649, 1206677, 1206698, 1206784, 1206855, 1206858, 1206873, 1206876, 1206877, 1206878, 1206880, 1206882, 1206883, 1206884, 1206885, 1206887, 1206888, 1206890, 1207036, 1207092, 1207093, 1207094, 1207097, 1207102, 1207103, 1207104, 1207107, 1207108, 1207134, 1207168, 1207186, 1207195, 1207237, 1207773, 1207795, 1207875, 1208108 CVE References: CVE-2022-36280, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454 Jira References: PED-1706, SLE-15608 Sources used: SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.115.1, kernel-syms-rt-4.12.14-10.115.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0591-1: An update that solves six vulnerabilities, contains two features and has 51 fixes can now be installed. Category: security (important) Bug References: 1065729, 1156395, 1203740, 1204614, 1204989, 1205496, 1205601, 1205695, 1206073, 1206344, 1206393, 1206399, 1206515, 1206602, 1206634, 1206635, 1206636, 1206637, 1206640, 1206641, 1206642, 1206643, 1206644, 1206645, 1206646, 1206647, 1206648, 1206649, 1206841, 1206854, 1206855, 1206857, 1206858, 1206859, 1206860, 1206873, 1206875, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206896, 1206904, 1207036, 1207125 CVE References: CVE-2022-3112, CVE-2022-3115, CVE-2022-3564, CVE-2022-47520, CVE-2023-23454, CVE-2023-23455 Jira References: PED-1445, PED-568 Sources used: SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.118.1, kernel-source-rt-5.3.18-150300.118.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
The fix seems to be pushed for all affected code branches. Reassigning back to the security team for further tracking.
Taking back from security team. See comment 20 and bug 1207125 comment 44 for details.
SUSE-SU-2023:1608-1: An update that solves 24 vulnerabilities and has 112 fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1200054, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207529, 1207560, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208598, 1208599, 1208601, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208829, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504, 1209572 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328 Sources used: openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1 Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1803-1: An update that solves 14 vulnerabilities, contains one feature and has 23 fixes can now be installed. Category: security (important) Bug References: 1065729, 1076830, 1109158, 1181001, 1191924, 1193231, 1199837, 1203092, 1203693, 1206010, 1207001, 1207036, 1207125, 1207795, 1207890, 1208048, 1208179, 1208599, 1208777, 1208850, 1209008, 1209052, 1209118, 1209126, 1209256, 1209289, 1209291, 1209292, 1209532, 1209547, 1209549, 1209556, 1209572, 1209634, 1209684, 1209778, 1209798 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Jira References: ECO-3191 Sources used: SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_42-1-8.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.156.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1 SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1801-1: An update that solves 14 vulnerabilities, contains one feature and has 19 fixes can now be installed. Category: security (important) Bug References: 1065729, 1076830, 1109158, 1181001, 1193231, 1199837, 1203693, 1206010, 1207001, 1207036, 1207125, 1207795, 1207890, 1208048, 1208599, 1208777, 1208850, 1209052, 1209118, 1209126, 1209256, 1209289, 1209291, 1209292, 1209532, 1209547, 1209549, 1209556, 1209572, 1209634, 1209684, 1209778, 1209798 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Jira References: ECO-3191 Sources used: SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1 SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1848-1: An update that solves 15 vulnerabilities and has nine fixes can now be installed. Category: security (important) Bug References: 1076830, 1192273, 1194535, 1207036, 1207125, 1207168, 1207795, 1208179, 1208599, 1208777, 1208811, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209634, 1209778, 1209845, 1209887 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Sources used: SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_39-1-150100.3.5.1 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2232-1: An update that solves 28 vulnerabilities and has 14 fixes can now be installed. Category: security (important) Bug References: 1076830, 1194535, 1202353, 1205128, 1207036, 1207125, 1207168, 1207185, 1207795, 1207845, 1208179, 1208333, 1208599, 1208777, 1208837, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209613, 1209687, 1209777, 1209778, 1209845, 1209871, 1209887, 1210124, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647, 1211037 CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772 Sources used: SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1, drbd-9.0.14+git.62f906cf-4.26.2 SUSE Linux Enterprise High Availability Extension 12 SP4 (src): drbd-9.0.14+git.62f906cf-4.26.2 SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_35-1-6.5.1 SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
(In reply to Michal Koutný from comment #63) > Taking back from security team. > See comment 20 and bug 1207125 comment 44 for details. I see a follow-up fix was merged to cve/linux-4.12, but cve/linux-5.3 and SLE15-SP4 still seems missing it. As the livepatching work depends on it, what's the status here please?
(In reply to Nicolai Stange from comment #81) > (In reply to Michal Koutný from comment #63) > > Taking back from security team. > > See comment 20 and bug 1207125 comment 44 for details. > > I see a follow-up fix was merged to cve/linux-4.12, but cve/linux-5.3 and > SLE15-SP4 still seems missing it. As the livepatching work depends on it, > what's the status here please? SLE15-SP4 has the fixes. see the commit 998886f37f2c4576ddc0dc4b998de125fb09e55c
Beware that we also discussed the fixup of misintroduced fallthrough from TC_ACT_TRAP to TC_ACT_RECLASSIFY. That seems folded in origin/cve/linux-4.12:patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch only.
SUSE-SU-2023:2506-1: An update that solves 14 vulnerabilities and has one fix can now be installed. Category: security (important) Bug References: 1108488, 1204414, 1207036, 1207051, 1207125, 1207795, 1208837, 1209008, 1209256, 1209291, 1209532, 1209871, 1210336, 1210647, 1211186 CVE References: CVE-2017-5753, CVE-2018-9517, CVE-2022-3567, CVE-2023-0590, CVE-2023-1118, CVE-2023-1513, CVE-2023-1670, CVE-2023-1989, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328, CVE-2023-32269 Sources used: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1 SUSE Linux Enterprise Server 11 SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2805-1: An update that solves 38 vulnerabilities and has four fixes can now be installed. Category: security (important) Bug References: 1126703, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1207036, 1207125, 1207168, 1207795, 1208600, 1208777, 1208837, 1209008, 1209039, 1209052, 1209256, 1209287, 1209289, 1209291, 1209532, 1209549, 1209687, 1209871, 1210329, 1210336, 1210337, 1210498, 1210506, 1210647, 1210715, 1210940, 1211105, 1211186, 1211449, 1212128, 1212129, 1212154, 1212501, 1212842 CVE References: CVE-2017-5753, CVE-2018-20784, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0590, CVE-2023-1077, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1380, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2194, CVE-2023-23454, CVE-2023-23455, CVE-2023-2513, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-3090, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-35824 Sources used: SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.205.1, kernel-source-4.4.121-92.205.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed. Category: security (important) Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741 CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829 Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556 Sources used: openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1 SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1 SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed. Category: security (important) Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134 CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829 Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556 Sources used: openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5 Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5 Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1 SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4030-1: An update that solves 13 vulnerabilities and has two security fixes can now be installed. Category: security (important) Bug References: 1207036, 1208995, 1210169, 1210643, 1212703, 1214233, 1214351, 1214380, 1214386, 1215115, 1215117, 1215150, 1215221, 1215275, 1215299 CVE References: CVE-2020-36766, CVE-2023-1192, CVE-2023-1206, CVE-2023-1859, CVE-2023-2177, CVE-2023-23454, CVE-2023-40283, CVE-2023-42753, CVE-2023-4389, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921 Sources used: SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_41-1-150200.5.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.166.1, kernel-source-5.3.18-150200.24.166.1, kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1, kernel-syms-5.3.18-150200.24.166.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.166.1, kernel-source-5.3.18-150200.24.166.1, kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1, kernel-syms-5.3.18-150200.24.166.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.166.1, kernel-source-5.3.18-150200.24.166.1, kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1, kernel-syms-5.3.18-150200.24.166.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4095-1: An update that solves 14 vulnerabilities and has eight security fixes can now be installed. Category: security (important) Bug References: 1176588, 1202845, 1207036, 1207270, 1208995, 1210169, 1210643, 1210658, 1212703, 1213812, 1214233, 1214351, 1214380, 1214386, 1215115, 1215117, 1215150, 1215221, 1215275, 1215299, 1215322, 1215356 CVE References: CVE-2020-36766, CVE-2023-1192, CVE-2023-1206, CVE-2023-1859, CVE-2023-2177, CVE-2023-23454, CVE-2023-4004, CVE-2023-40283, CVE-2023-42753, CVE-2023-4389, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921 Sources used: SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_37-1-150300.7.5.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.138.1, kernel-source-5.3.18-150300.59.138.1, kernel-obs-build-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.138.1, kernel-source-5.3.18-150300.59.138.1, kernel-obs-build-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.138.1, kernel-source-5.3.18-150300.59.138.1, kernel-obs-build-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.138.1, kernel-source-5.3.18-150300.59.138.1, kernel-obs-build-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Manager Proxy 4.2 (src): kernel-source-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Manager Retail Branch Server 4.2 (src): kernel-source-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Manager Server 4.2 (src): kernel-source-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.138.1, kernel-source-5.3.18-150300.59.138.1, kernel-obs-build-5.3.18-150300.59.138.1, kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.138.1.150300.18.80.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0774-1: An update that solves 17 vulnerabilities and has 92 security fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1198438, 1200054, 1202633, 1203331, 1203332, 1204363, 1204993, 1205544, 1206103, 1206224, 1206232, 1206459, 1206640, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208784, 1208787, 1208816, 1208837, 1208843, 1209188 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26545 Sources used: openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1 Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done, closing