Bugzilla – Bug 1207125
VUL-0: CVE-2023-23455: kernel: type-confusion in the ATM network scheduler
Last modified: 2024-07-03 09:56:44 UTC
CVE-2023-23455

Date: Tue, 10 Jan 2023 15:07:44 -0700
From: Kyle Zeng <zengyhkyle@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Type Confusion in Linux Kernel

Hi John,

A crash report is attached to this email. I hope this helps evaluate the security implication of the bug.

Best,
Kyle Zeng

==================================================================
BUG: KASAN: slab-out-of-bounds in cbq_enqueue+0x9d8/0x1fc0
Read of size 1 at addr ffff88806bfd40aa by task sd-resolve/250

CPU: 2 PID: 250 Comm: sd-resolve Not tainted 5.4.188 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
Call Trace:
 dump_stack+0x19d/0x1e7
 print_address_description+0xd7/0xca0
 __kasan_report+0x1e0/0x270
 kasan_report+0x30/0x60
 cbq_enqueue+0x9d8/0x1fc0
 __dev_queue_xmit+0x2238/0x49f0
 ip_finish_output2+0x1529/0x2430
 ip_output+0x358/0x3f0
 ip_send_skb+0xec/0x220
 udp_send_skb+0xd4f/0x1710
 udp_sendmsg+0x3889/0x4ee0
 ____sys_sendmsg+0x1083/0x1240
 __sys_sendmmsg+0x88d/0xe90
 __x64_sys_sendmmsg+0xa1/0xb0
 do_syscall_64+0x32f/0x3e0
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f188612135f
Code: 89 f5 55 53 89 cd 41 89 d4 89 fb 48 83 ec 18 e8 b7 b1 00 00 44 89 e2 41 89 c0 48 63 fb 4c 63 d5 4c 89 ee b8 33 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 1b 44 89 c7 89 44 24 0c e8 ed b1 00 00 8b 44
RSP: 002b:00007f1883b5fc10 EFLAGS: 00000293 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007f188612135f
RDX: 0000000000000002 RSI: 00007f1883b5fdb0 RDI: 000000000000000d
RBP: 0000000000004000 R08: 0000000000000000 R09: 0000000000000004
R10: 0000000000004000 R11: 0000000000000293 R12: 0000000000000002
R13: 00007f1883b5fdb0 R14: 0000000008ce68e8 R15: 00007f1883b67db8

Allocated by task 1285:
 __kasan_kmalloc+0x1d9/0xdf0
 tc_new_tfilter+0x1f2e/0x41f0
 rtnetlink_rcv_msg+0x777/0x12d0
 netlink_rcv_skb+0x39b/0x870
 netlink_unicast+0xb45/0xf90
 netlink_sendmsg+0x1477/0x1830
 ____sys_sendmsg+0x1206/0x1240
 __sys_sendmsg+0x48d/0x570
 do_syscall_64+0x32f/0x3e0
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Freed by task 106:
 __kasan_slab_free+0x293/0xe30
 kfree+0x33e/0x1010
 process_one_work+0xea3/0x17b0
 worker_thread+0xecc/0x1a00
 kthread+0x33b/0x3a0
 ret_from_fork+0x35/0x40

The buggy address belongs to the object at ffff88806bfd4000
 which belongs to the cache kmalloc-128 of size 128
The buggy address is located 42 bytes to the right of
 128-byte region [ffff88806bfd4000, ffff88806bfd4080)
The buggy address belongs to the page:
page:ffffea0001aff500 refcount:1 mapcount:0 mapping:ffff88806bc03200 index:0x0
flags: 0x100000000000200(slab)
raw: 0100000000000200 ffffea0001a50b40 0000000400000004 ffff88806bc03200
raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff88806bfd3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff88806bfd4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
>ffff88806bfd4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                                  ^
 ffff88806bfd4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88806bfd4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23455
http://www.openwall.com/lists/oss-security/2023/01/10/4
http://www.openwall.com/lists/oss-security/2023/01/10/1
https://www.cve.org/CVERecord?id=CVE-2023-23455
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12
A second CVE was allocated for this bug... Same affectedness as bsc#1207036
Denis, this should be the same thing as bug 1207036 but please verify and include the bug & CVE references into the patches. Thanks!
SUSE-SU-2023:0152-1: An update that solves 19 vulnerabilities, contains three features and has 71 fixes is now available. Category: security (important) Bug References: 1065729,1151927,1156395,1157049,1190969,1203183,1203693,1203740,1204171,1204250,1204614,1204693,1204760,1204989,1205149,1205256,1205495,1205496,1205601,1205695,1206073,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206344,1206389,1206393,1206394,1206395,1206397,1206398,1206399,1206515,1206602,1206634,1206635,1206636,1206637,1206640,1206641,1206642,1206643,1206644,1206645,1206646,1206647,1206648,1206649,1206663,1206664,1206784,1206841,1206854,1206855,1206857,1206858,1206859,1206860,1206873,1206875,1206876,1206877,1206878,1206880,1206881,1206882,1206883,1206884,1206885,1206886,1206887,1206888,1206889,1206890,1206891,1206893,1206896,1206904,1207036,1207125,1207134,1207186,1207198,1207218,1207237 CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455 JIRA References: PED-1445,PED-1706,PED-568 Sources used: openSUSE Leap Micro 5.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 openSUSE Leap 15.4 (src): dtb-aarch64-5.3.18-150300.59.109.1 SUSE Manager Server 4.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1 SUSE Manager Retail Branch Server 4.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1 SUSE Manager Proxy 4.2 (src): kernel-default-5.3.18-150300.59.109.1, 
kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1 SUSE Linux Enterprise Server for SAP 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise Server 15-SP3-LTSS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1 SUSE Linux Enterprise Realtime Extension 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1, kernel-livepatch-SLE15-SP3_Update_28-1-150300.7.3.1 SUSE Linux Enterprise Micro 5.2 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1 SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, 
kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-150300.59.109.1 SUSE Enterprise Storage 7.1 (src): kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This bug seems to approach a good date for CVE SLA fulfillment [1]. Denis, what is its status, please?

Namely these seem missing:
- SLE15-SP4
- cve/linux-4.12 (OK in bsc#1207036)
- cve/linux-4.4
- cve/linux-3.0
- SLE15-SP5-GA
- (stable)

[1] https://confluence.suse.com/display/KSS/Kernel+Security+Sentinel
SUSE-SU-2023:0406-1: An update that solves 16 vulnerabilities, contains one feature and has 14 fixes is now available. Category: security (important) Bug References: 1203183,1203693,1203740,1204171,1204614,1204760,1205149,1206073,1206113,1206114,1206314,1206389,1206393,1206395,1206398,1206399,1206515,1206664,1206677,1206784,1207036,1207125,1207134,1207186,1207188,1207189,1207190,1207237,1207769,1207823 CVE References: CVE-2022-3105,CVE-2022-3107,CVE-2022-3108,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455 JIRA References: PED-1706 Sources used: SUSE Linux Enterprise Server for SAP 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1, kernel-livepatch-SLE15-SP2_Update_33-1-150200.5.3.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-150200.24.142.1 SUSE Enterprise Storage 7 (src): 
kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE-SU-2023:0420-1: An update that solves 9 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1108488,1205705,1205709,1206073,1206113,1206664,1206677,1206784,1207036,1207125,1207186,1207237 CVE References: CVE-2018-9517,CVE-2022-3564,CVE-2022-3643,CVE-2022-42895,CVE-2022-42896,CVE-2022-4662,CVE-2022-47929,CVE-2023-23454,CVE-2023-23455 JIRA References: Sources used: SUSE Linux Enterprise Server 12-SP2-BCL (src): kernel-default-4.4.121-92.199.1, kernel-source-4.4.121-92.199.1, kernel-syms-4.4.121-92.199.1
SUSE-SU-2023:0433-1: An update that solves 9 vulnerabilities, contains two features and has 42 fixes is now available. Category: security (important) Bug References: 1065729,1185861,1185863,1186449,1191256,1192868,1193629,1194869,1195175,1195655,1196058,1199701,1204063,1204356,1204662,1205495,1206006,1206036,1206056,1206057,1206258,1206363,1206459,1206616,1206677,1206784,1207010,1207034,1207036,1207050,1207125,1207134,1207149,1207158,1207184,1207186,1207190,1207237,1207263,1207269,1207497,1207500,1207501,1207506,1207507,1207734,1207769,1207795,1207842,1207878,1207933 CVE References: CVE-2020-24588,CVE-2022-4382,CVE-2022-47929,CVE-2023-0122,CVE-2023-0179,CVE-2023-0266,CVE-2023-0590,CVE-2023-23454,CVE-2023-23455 JIRA References: SLE-21132,SLE-24682 Sources used: openSUSE Leap Micro 5.3 (src): kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3 openSUSE Leap 15.4 (src): dtb-aarch64-5.14.21-150400.24.46.1, kernel-64kb-5.14.21-150400.24.46.1, kernel-debug-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-docs-5.14.21-150400.24.46.2, kernel-kvmsmall-5.14.21-150400.24.46.1, kernel-obs-build-5.14.21-150400.24.46.1, kernel-obs-qa-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1 SUSE Linux Enterprise Workstation Extension 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1, kernel-livepatch-SLE15-SP4_Update_8-1-150400.9.3.3 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): kernel-docs-5.14.21-150400.24.46.2, kernel-obs-build-5.14.21-150400.24.46.1, kernel-source-5.14.21-150400.24.46.1, kernel-syms-5.14.21-150400.24.46.1 SUSE Linux Enterprise Module for 
Basesystem 15-SP4 (src): kernel-64kb-5.14.21-150400.24.46.1, kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3, kernel-source-5.14.21-150400.24.46.1, kernel-zfcpdump-5.14.21-150400.24.46.1 SUSE Linux Enterprise Micro 5.3 (src): kernel-default-5.14.21-150400.24.46.1, kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3 SUSE Linux Enterprise High Availability 15-SP4 (src): kernel-default-5.14.21-150400.24.46.1
SUSE-SU-2023:0488-1: An update that solves 11 vulnerabilities, contains two features and has 133 fixes can now be installed. Category: security (important) Bug References: 1166486, 1185861, 1185863, 1186449, 1191256, 1192868, 1193629, 1194869, 1195175, 1195655, 1196058, 1199701, 1203332, 1204063, 1204356, 1204662, 1205495, 1206006, 1206036, 1206056, 1206057, 1206224, 1206258, 1206363, 1206459, 1206616, 1206640, 1206677, 1206784, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206893, 1206894, 1207010, 1207034, 1207036, 1207050, 1207125, 1207134, 1207149, 1207158, 1207184, 1207186, 1207188, 1207189, 1207190, 1207237, 1207263, 1207269, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207842, 1207875, 1207878, 1207933, 1208030, 1208044, 1208085, 1208149, 1208153, 1208183, 1208428, 1208429 CVE References: CVE-2020-24588, CVE-2022-36280, CVE-2022-4382, CVE-2022-47929, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-23454, CVE-2023-23455 Jira References: PED-3210, SLE-21132 Sources used: openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.11.1, kernel-syms-rt-5.14.21-150400.15.11.1 SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_3-1-150400.1.3.1 SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.11.1, 
kernel-syms-rt-5.14.21-150400.15.11.1
SUSE-SU-2023:0591-1: An update that solves six vulnerabilities, contains two features and has 51 fixes can now be installed. Category: security (important) Bug References: 1065729, 1156395, 1203740, 1204614, 1204989, 1205496, 1205601, 1205695, 1206073, 1206344, 1206393, 1206399, 1206515, 1206602, 1206634, 1206635, 1206636, 1206637, 1206640, 1206641, 1206642, 1206643, 1206644, 1206645, 1206646, 1206647, 1206648, 1206649, 1206841, 1206854, 1206855, 1206857, 1206858, 1206859, 1206860, 1206873, 1206875, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206896, 1206904, 1207036, 1207125 CVE References: CVE-2022-3112, CVE-2022-3115, CVE-2022-3564, CVE-2022-47520, CVE-2023-23454, CVE-2023-23455 Jira References: PED-1445, PED-568 Sources used: SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.118.1, kernel-source-rt-5.3.18-150300.118.1
Update: This CVE-2023-23455 is not mentioned in cve/linux-4.12. But the fix is there via the duplicate CVE-2023-23454, see the bug #1207036. It is mentioned in all other branches or at least in a parent branch where it is going to be merged from. Denis, could you please add the CVE-2023-23455 reference into cve/linux-4.12?
(In reply to Petr Mladek from comment #41)
> Denis, could you please add the CVE-2023-23455 reference into cve/linux-4.12?

I've added the refs in users/mkoutny/cve/linux-4.12/bsc1207125, so if these are really dupes, you can take it.

BUT --

(In reply to Nicolai Stange from bug 1207036, comment 20)
> Upstream commit caa4b35b4317 ("net: sched: cbq: dont intepret cls results
> when asked to drop") looks bogus to me: it removes a switch case branch
> where the preceding one used to fallthrough into. Denis, could you have a
> look and check whether or not this is a potential problem?

I agree with Nicolai, the change makes TC_ACT_TRAP behave like added TC_ACT_RECLASSIFY. __NET_XMIT_STOLEN + possibly not-trivial cbq_class.

I like the upstream fixup:

commit 051d442098421c28c7951625652f61b1e15c4bd5
Author: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue Feb 14 08:49:11 2023 -0500

    net/sched: Retire CBQ qdisc
    ...
    4 files changed, 1929 deletions(-)

Our downstream fixup would be

diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c index fab6b5c4c319..fce45a42d471 100644 --- a/net/sched/sch_cbq.c +++ b/net/sched/sch_cbq.c @@ -252,7 +252,7 @@ cbq_classify(struct sk_buff *skb, struct Qdisc *sch, int *qerr) case TC_ACT_STOLEN: case TC_ACT_TRAP: *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN; - fallthrough; + return NULL; case TC_ACT_RECLASSIFY: return cbq_reclassify(skb, cl); }
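Review bot: The "return NULL;" that replaces "fallthrough;" under case TC_ACT_TRAP carries no comment, and the patch as posted has no changelog, so nothing records why a stolen or trapped packet must not reach cbq_reclassify(skb, cl). Add a description that names upstream commit caa4b35b4317 as the change that left this fallthrough pointing at TC_ACT_RECLASSIFY, and carry the bsc#1207125 and CVE-2023-23455 references requested earlier in this bug. The caller is not in the hunk, so also confirm that it treats a NULL class with __NET_XMIT_STOLEN set in *qerr as a consumed packet and not as a drop to be counted.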
(In reply to Michal Koutný from comment #44)
> (In reply to Petr Mladek from comment #41)
> > Denis, could you please add the CVE-2023-23455 reference into cve/linux-4.12?
>
> I've added the refs in users/mkoutny/cve/linux-4.12/bsc1207125, so if these
> are really dupes, you can take it.
>
> BUT --
>
> (In reply to Nicolai Stange from bug 1207036, comment 20)
> > Upstream commit caa4b35b4317 ("net: sched: cbq: dont intepret cls results
> > when asked to drop") looks bogus to me: it removes a switch case branch
> > where the preceding one used to fallthrough into. Denis, could you have a
> > look and check whether or not this is a potential problem?
>
> I agree with Nicolai, the change makes TC_ACT_TRAP behave like added
> TC_ACT_RECLASSIFY. __NET_XMIT_STOLEN + possibly not-trivial cbq_class.
>
> I like the upstream fixup:
> commit 051d442098421c28c7951625652f61b1e15c4bd5
> Author: Jamal Hadi Salim <jhs@mojatatu.com>
> Date: Tue Feb 14 08:49:11 2023 -0500
>
> net/sched: Retire CBQ qdisc
> ...
> 4 files changed, 1929 deletions(-)
>
> Our downstream fixup would be
>
> diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c > index fab6b5c4c319..fce45a42d471 100644 > --- a/net/sched/sch_cbq.c > +++ b/net/sched/sch_cbq.c > @@ -252,7 +252,7 @@ cbq_classify(struct sk_buff *skb, struct Qdisc *sch, int > *qerr) > case TC_ACT_STOLEN: > case TC_ACT_TRAP: > *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN; > - fallthrough; > + return NULL; > case TC_ACT_RECLASSIFY: > return cbq_reclassify(skb, cl); > }

I've merged your branch with the fix applied. Thanks
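The fallthrough concern from comment #44, as an added user-space model (not kernel code and not written by anyone in this bug): three versions of the verdict switch in cbq_classify() are compared to show which one marks a packet stolen and still reclassifies it. The TC_ACT_SHOT case and the early drop check in the middle version are assumptions about upstream commit caa4b35b4317, which this page describes only as removing the case the stolen/trap branch fell through into; the function and enum names are hypothetical.

```c
#include <stdio.h>

/* Verdict and return-code values as defined in the Linux headers. */
#define TC_ACT_RECLASSIFY  1
#define TC_ACT_SHOT        2
#define TC_ACT_STOLEN      4
#define TC_ACT_TRAP        8
#define NET_XMIT_SUCCESS   0x00
#define __NET_XMIT_STOLEN  0x00010000

/* Hypothetical stand-ins for what cbq_classify() hands back to its caller. */
enum outcome { OUT_NULL, OUT_RECLASSIFY, OUT_CLASS };

typedef enum outcome (*classify_fn)(int verdict, int *qerr);

/* Assumed shape before caa4b35b4317: stolen/trap falls through into a drop case. */
static enum outcome classify_before(int verdict, int *qerr)
{
    switch (verdict) {
    case TC_ACT_STOLEN:
    case TC_ACT_TRAP:
        *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN;
        /* fall through */
    case TC_ACT_SHOT:           /* assumption: the case label the commit removed */
        return OUT_NULL;
    case TC_ACT_RECLASSIFY:
        return OUT_RECLASSIFY;
    }
    return OUT_CLASS;
}

/* After caa4b35b4317 as described on this page: the drop case is gone, so the
 * same fallthrough now lands in TC_ACT_RECLASSIFY. */
static enum outcome classify_after_upstream(int verdict, int *qerr)
{
    if (verdict == TC_ACT_SHOT) /* assumption: drop verdict handled before the switch */
        return OUT_NULL;
    switch (verdict) {
    case TC_ACT_STOLEN:
    case TC_ACT_TRAP:
        *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN;
        /* fall through */
    case TC_ACT_RECLASSIFY:
        return OUT_RECLASSIFY;
    }
    return OUT_CLASS;
}

/* With the downstream fixup from comment #44: return NULL instead of falling through. */
static enum outcome classify_with_fixup(int verdict, int *qerr)
{
    if (verdict == TC_ACT_SHOT) /* same assumption as above */
        return OUT_NULL;
    switch (verdict) {
    case TC_ACT_STOLEN:
    case TC_ACT_TRAP:
        *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN;
        return OUT_NULL;
    case TC_ACT_RECLASSIFY:
        return OUT_RECLASSIFY;
    }
    return OUT_CLASS;
}

/* Returns 1 when a verdict both sets __NET_XMIT_STOLEN and reaches reclassification. */
static int stolen_but_reclassified(classify_fn fn, int verdict)
{
    int qerr = 0;
    enum outcome out = fn(verdict, &qerr);
    return (qerr & __NET_XMIT_STOLEN) && out == OUT_RECLASSIFY;
}

int main(void)
{
    static const struct { const char *name; classify_fn fn; } variants[] = {
        { "before caa4b35b4317 (assumed)", classify_before },
        { "after caa4b35b4317",            classify_after_upstream },
        { "with downstream fixup",         classify_with_fixup },
    };
    static const struct { const char *name; int value; } verdicts[] = {
        { "TC_ACT_STOLEN", TC_ACT_STOLEN },
        { "TC_ACT_TRAP",   TC_ACT_TRAP },
    };

    for (size_t i = 0; i < sizeof(variants) / sizeof(variants[0]); i++)
        for (size_t j = 0; j < sizeof(verdicts) / sizeof(verdicts[0]); j++)
            printf("%-30s %-14s stolen+reclassified=%d\n",
                   variants[i].name, verdicts[j].name,
                   stolen_but_reclassified(variants[i].fn, verdicts[j].value));
    return 0;
}
```

A check of this shape can be kept as a regression test for a backport: only the middle variant reports a stolen packet that is still reclassified.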
SUSE-SU-2023:1608-1: An update that solves 24 vulnerabilities and has 112 fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1200054, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207529, 1207560, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208598, 1208599, 1208601, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208829, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504, 1209572 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328 Sources used: openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1 Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, 
kernel-source-azure-5.14.21-150400.14.40.1
SUSE-SU-2023:1803-1: An update that solves 14 vulnerabilities, contains one feature and has 23 fixes can now be installed. Category: security (important) Bug References: 1065729, 1076830, 1109158, 1181001, 1191924, 1193231, 1199837, 1203092, 1203693, 1206010, 1207001, 1207036, 1207125, 1207795, 1207890, 1208048, 1208179, 1208599, 1208777, 1208850, 1209008, 1209052, 1209118, 1209126, 1209256, 1209289, 1209291, 1209292, 1209532, 1209547, 1209549, 1209556, 1209572, 1209634, 1209684, 1209778, 1209798 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Jira References: ECO-3191 Sources used: SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_42-1-8.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.156.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1 SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.156.1, kernel-source-4.12.14-122.156.1
SUSE-SU-2023:1801-1: An update that solves 14 vulnerabilities, contains one feature and has 19 fixes can now be installed. Category: security (important) Bug References: 1065729, 1076830, 1109158, 1181001, 1193231, 1199837, 1203693, 1206010, 1207001, 1207036, 1207125, 1207795, 1207890, 1208048, 1208599, 1208777, 1208850, 1209052, 1209118, 1209126, 1209256, 1209289, 1209291, 1209292, 1209532, 1209547, 1209549, 1209556, 1209572, 1209634, 1209684, 1209778, 1209798 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Jira References: ECO-3191 Sources used: SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1 SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.130.1, kernel-syms-azure-4.12.14-16.130.1
(In reply to Denis Kirjanov from comment #45)
> (In reply to Michal Koutný from comment #44)
> > diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c > > index fab6b5c4c319..fce45a42d471 100644 > > --- a/net/sched/sch_cbq.c > > +++ b/net/sched/sch_cbq.c > > @@ -252,7 +252,7 @@ cbq_classify(struct sk_buff *skb, struct Qdisc *sch, int > > *qerr) > > case TC_ACT_STOLEN: > > case TC_ACT_TRAP: > > *qerr = NET_XMIT_SUCCESS | __NET_XMIT_STOLEN; > > - fallthrough; > > + return NULL; > > case TC_ACT_RECLASSIFY: > > return cbq_reclassify(skb, cl); > > }
>
> I've merged your branch with the fix applied. Thanks

I still don't see this fix anywhere, or am I missing anything?
SUSE-SU-2023:1848-1: An update that solves 15 vulnerabilities and has nine fixes can now be installed. Category: security (important) Bug References: 1076830, 1192273, 1194535, 1207036, 1207125, 1207168, 1207795, 1208179, 1208599, 1208777, 1208811, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209634, 1209778, 1209845, 1209887 CVE References: CVE-2017-5753, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2023-0590, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-23454, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Sources used: SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_39-1-150100.3.5.1 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1 SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.142.1, kernel-obs-build-4.12.14-150100.197.142.1, kernel-source-4.12.14-150100.197.142.1
SUSE-SU-2023:1894-1: An update that solves 14 vulnerabilities and has 20 fixes can now be installed. Category: security (important) Bug References: 1065729, 1109158, 1142926, 1181001, 1193231, 1199837, 1203693, 1206010, 1207001, 1207125, 1207890, 1208048, 1208599, 1208777, 1208850, 1209052, 1209118, 1209126, 1209256, 1209289, 1209291, 1209292, 1209532, 1209547, 1209549, 1209556, 1209572, 1209613, 1209634, 1209684, 1209687, 1209777, 1209778, 1209798 CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2022-20567, CVE-2023-1076, CVE-2023-1095, CVE-2023-1281, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-23455, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772 Sources used: SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-syms-rt-4.12.14-10.121.1, kernel-source-rt-4.12.14-10.121.1
SUSE-SU-2023:2232-1: An update that solves 28 vulnerabilities and has 14 fixes can now be installed. Category: security (important) Bug References: 1076830, 1194535, 1202353, 1205128, 1207036, 1207125, 1207168, 1207185, 1207795, 1207845, 1208179, 1208333, 1208599, 1208777, 1208837, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209613, 1209687, 1209777, 1209778, 1209845, 1209871, 1209887, 1210124, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647, 1211037 CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772 Sources used: SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1, drbd-9.0.14+git.62f906cf-4.26.2 SUSE Linux Enterprise High Availability Extension 12 SP4 (src): drbd-9.0.14+git.62f906cf-4.26.2 SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_35-1-6.5.1 SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1 SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE-SU-2023:2506-1: An update that solves 14 vulnerabilities and has one fix can now be installed. Category: security (important) Bug References: 1108488, 1204414, 1207036, 1207051, 1207125, 1207795, 1208837, 1209008, 1209256, 1209291, 1209532, 1209871, 1210336, 1210647, 1211186 CVE References: CVE-2017-5753, CVE-2018-9517, CVE-2022-3567, CVE-2023-0590, CVE-2023-1118, CVE-2023-1513, CVE-2023-1670, CVE-2023-1989, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328, CVE-2023-32269 Sources used: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1 SUSE Linux Enterprise Server 11 SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1
SUSE-SU-2023:2805-1: An update that solves 38 vulnerabilities and has four fixes can now be installed. Category: security (important) Bug References: 1126703, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1207036, 1207125, 1207168, 1207795, 1208600, 1208777, 1208837, 1209008, 1209039, 1209052, 1209256, 1209287, 1209289, 1209291, 1209532, 1209549, 1209687, 1209871, 1210329, 1210336, 1210337, 1210498, 1210506, 1210647, 1210715, 1210940, 1211105, 1211186, 1211449, 1212128, 1212129, 1212154, 1212501, 1212842 CVE References: CVE-2017-5753, CVE-2018-20784, CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0590, CVE-2023-1077, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1380, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2194, CVE-2023-23454, CVE-2023-23455, CVE-2023-2513, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772, CVE-2023-3090, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-35824 Sources used: SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.205.1, kernel-source-4.4.121-92.205.1
SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed. Category: security (important) Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 
1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741 CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, 
CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829 Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556 Sources used: openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1 SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1 SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed. Category: security (important) Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 
1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 
1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134 CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829 Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556 Sources used: openSUSE 
Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5 Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5 Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1 SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1
released
SUSE-SU-2023:0774-1: An update that solves 17 vulnerabilities and has 92 security fixes can now be installed. Category: security (important) Bug References: 1166486, 1177529, 1193629, 1197534, 1198438, 1200054, 1202633, 1203331, 1203332, 1204363, 1204993, 1205544, 1206103, 1206224, 1206232, 1206459, 1206640, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208784, 1208787, 1208816, 1208837, 1208843, 1209188 CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26545 Sources used: openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1 Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1