1207051 – (CVE-2023-23559) Vul-0: CVE-2023-23559: kernel-source,kernel-rt,kernel-azure: Integer overflow in rndis_wlan that leads to a buffer overflow

Bug 1207051 (CVE-2023-23559) - Vul-0: CVE-2023-23559: kernel-source,kernel-rt,kernel-azure: Integer overflow in rndis_wlan that leads to a buffer overflow

Summary: Vul-0: CVE-2023-23559: kernel-source,kernel-rt,kernel-azure: Integer overflow...

Status:	IN_PROGRESS

Alias:	CVE-2023-23559

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/353426/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-23559:6.5:(AV:...
Keywords:

Depends on:
Blocks:	1205767
	Show dependency tree / graph

Clone This Bug

Reported:	2023-01-11 12:17 UTC by Oliver Neukum
Modified:	2024-06-25 17:20 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Oliver Neukum 2023-01-11 12:17:39 UTC

This is from upstream:

https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich@gmail.com/

To me this looks like a vulnerability that cannot be exploited remotely, but I am not certain. Greg KH has hinted, but _not_ confirmed that some device firmwares are so buggy that you can trigger this externally. He cited this as the currently publically available example of RNDIS being broken at the protocol level.

Quote #1:
Since resplen and respoffs are signed integers sufficiently
large values of unsigned int len and offset members of RNDIS
response will result in negative values of prior variables.
This may be utilized to bypass implemented security checks
to either extract memory contents by manipulating offset or
overflow the data buffer via memcpy by manipulating both
offset and len.

Additionally assure that sum of resplen and respoffs does not
overflow so buffer boundaries are kept.

Fixes: 80f8c5b434f9 ("rndis_wlan: copy only useful data from rndis_command respond")
Signed-off-by: Szymon Heidrich <szymon.heidrich@gmail.com>

Quote#2 (from Greg KH):
Yes, there has been a few ongoing situations, one of them was just
posted to the linux-wireless list for the rndis_wlan driver.

The other one I still do not think is public yet, sorry.

Comment 2 Cathy Hu 2023-01-12 11:25:48 UTC

I will request a CVE at mitre for this.


Tracking as affected (contains 80f8c5b434f9):
- SLE12-SP5
- SLE15-SP3
- SLE15-SP4
- cve/linux-3.0
- cve/linux-4.12
- cve/linux-4.4
- cve/linux-5.3
- stable

Comment 3 Cathy Hu 2023-01-13 08:25:52 UTC

Mitre assigned CVE-2023-23559 for this

Comment 4 Oliver Neukum 2023-02-20 11:39:51 UTC

Upstream commit c7dd13805f8b8fc1ce3b6d40f6aff47e66b72ad2 fixes this.

Comment 5 Oliver Neukum 2023-02-20 15:32:58 UTC

Fix pushed to all kernels

Comment 27 Maintenance Automation 2023-03-15 20:30:08 UTC

SUSE-SU-2023:0747-1: An update that solves seven vulnerabilities and has 11 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1194535, 1198438, 1203200, 1203331, 1205711, 1206103, 1207051, 1207201, 1207845, 1208179, 1208541, 1208542, 1208570, 1208700, 1208837, 1209008, 1209188
CVE References: CVE-2021-4203, CVE-2022-38096, CVE-2022-4129, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-source-rt-4.12.14-10.118.1, kernel-syms-rt-4.12.14-10.118.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Maintenance Automation 2023-03-16 08:30:12 UTC

SUSE-SU-2023:0749-1: An update that solves 12 vulnerabilities and has 25 fixes can now be installed.

Category: security (important)
Bug References: 1177529, 1193629, 1197534, 1198438, 1200054, 1202633, 1203331, 1204363, 1204993, 1205544, 1205846, 1206103, 1206232, 1206935, 1207051, 1207270, 1207560, 1207845, 1207846, 1208212, 1208420, 1208449, 1208534, 1208541, 1208542, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208784, 1208787, 1208816, 1208837, 1208843
CVE References: CVE-2022-3523, CVE-2022-38096, CVE-2023-0461, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.14.1, kernel-source-rt-5.14.21-150400.15.14.2
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_4-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.14.1, kernel-source-rt-5.14.21-150400.15.14.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Maintenance Automation 2023-03-16 12:30:10 UTC

SUSE-SU-2023:0762-1: An update that solves six vulnerabilities and has seven fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1198438, 1203331, 1205711, 1206103, 1207051, 1207845, 1208179, 1208542, 1208700, 1208837, 1209008, 1209188
CVE References: CVE-2022-38096, CVE-2022-4129, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-azure-4.12.14-16.127.1, kernel-source-azure-4.12.14-16.127.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-azure-4.12.14-16.127.1, kernel-source-azure-4.12.14-16.127.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-azure-4.12.14-16.127.1, kernel-source-azure-4.12.14-16.127.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Maintenance Automation 2023-03-16 16:30:02 UTC

SUSE-SU-2023:0770-1: An update that solves six vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1198438, 1203331, 1205711, 1206103, 1207051, 1207845, 1208542, 1208700, 1208837, 1209188
CVE References: CVE-2022-38096, CVE-2022-4129, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_41-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.153.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.153.1, kernel-source-4.12.14-122.153.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.153.1, kernel-source-4.12.14-122.153.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.153.1, kernel-source-4.12.14-122.153.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Maintenance Automation 2023-03-16 16:30:15 UTC

SUSE-SU-2023:0768-1: An update that solves 11 vulnerabilities and has five fixes can now be installed.

Category: security (important)
Bug References: 1186449, 1194535, 1201420, 1203331, 1203332, 1204356, 1204662, 1205711, 1207051, 1207773, 1207795, 1207845, 1207875, 1208700, 1208837, 1209188
CVE References: CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-38096, CVE-2022-4129, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_38-1-150100.3.3.2
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2
SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.137.2, kernel-obs-build-4.12.14-150100.197.137.2, kernel-source-4.12.14-150100.197.137.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Maintenance Automation 2023-03-16 20:30:02 UTC

SUSE-SU-2023:0778-1: An update that solves 11 vulnerabilities and has 10 fixes can now be installed.

Category: security (important)
Bug References: 1186449, 1203331, 1203332, 1204356, 1204662, 1207051, 1207773, 1207795, 1207845, 1207875, 1207878, 1208023, 1208153, 1208212, 1208700, 1208741, 1208813, 1208816, 1208837, 1208845, 1208971
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-23000, CVE-2023-23006, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_34-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1
SUSE Enterprise Storage 7 (src): kernel-default-base-5.3.18-150200.24.145.1.150200.9.69.1, kernel-obs-build-5.3.18-150200.24.145.1, kernel-source-5.3.18-150200.24.145.1, kernel-syms-5.3.18-150200.24.145.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Maintenance Automation 2023-03-16 20:31:05 UTC

SUSE-SU-2023:0780-1: An update that solves 12 vulnerabilities and has 13 fixes can now be installed.

Category: security (important)
Bug References: 1186449, 1195175, 1198438, 1203331, 1203332, 1204356, 1204662, 1206103, 1206351, 1207051, 1207575, 1207773, 1207795, 1207845, 1207875, 1208023, 1208153, 1208212, 1208700, 1208741, 1208776, 1208816, 1208837, 1208845, 1208971
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23006, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_30-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Manager Proxy 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1
SUSE Manager Server 4.2 (src): kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1
SUSE Enterprise Storage 7.1 (src): kernel-obs-build-5.3.18-150300.59.115.2, kernel-source-5.3.18-150300.59.115.2, kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1, kernel-syms-5.3.18-150300.59.115.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.115.2.150300.18.66.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Maintenance Automation 2023-03-16 20:31:51 UTC

SUSE-SU-2023:0779-1: An update that solves 21 vulnerabilities and has 12 fixes can now be installed.

Category: security (important)
Bug References: 1186449, 1203331, 1203332, 1203693, 1204502, 1204760, 1205149, 1206351, 1206677, 1206784, 1207034, 1207051, 1207134, 1207186, 1207237, 1207497, 1207508, 1207560, 1207773, 1207795, 1207845, 1207875, 1207878, 1208212, 1208599, 1208700, 1208741, 1208776, 1208816, 1208837, 1208845, 1208971, 1209008
CVE References: CVE-2022-3606, CVE-2022-36280, CVE-2022-38096, CVE-2022-47929, CVE-2023-0045, CVE-2023-0179, CVE-2023-0266, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1195, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23006, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.121.1, kernel-source-rt-5.3.18-150300.121.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Maintenance Automation 2023-03-17 16:30:16 UTC

SUSE-SU-2023:0796-1: An update that solves eight vulnerabilities and has 85 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1177529, 1203331, 1203332, 1204993, 1205544, 1206224, 1206232, 1206459, 1206640, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206889, 1206894, 1207051, 1207270, 1207328, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207628, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207651, 1207653, 1207770, 1207773, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208784, 1208787, 1209188
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0461, CVE-2023-0597, CVE-2023-22995, CVE-2023-23559, CVE-2023-26545
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.49.2, kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3, kernel-syms-5.14.21-150400.24.49.4, kernel-source-5.14.21-150400.24.49.4, kernel-obs-build-5.14.21-150400.24.49.3
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.49.4, kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.49.4, kernel-source-5.14.21-150400.24.49.4, kernel-obs-build-5.14.21-150400.24.49.3
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_9-1-150400.9.3.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Maintenance Automation 2023-03-21 16:30:02 UTC

SUSE-SU-2023:0852-1: An update that solves nine vulnerabilities and has two fixes can now be installed.

Category: security (important)
Bug References: 1191881, 1194535, 1201420, 1203331, 1203332, 1205711, 1207051, 1207773, 1207795, 1208700, 1209188
CVE References: CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-38096, CVE-2022-4129, CVE-2023-0045, CVE-2023-0590, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4
SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4
SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_34-1-6.3.4
SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4
SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4
SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.120.4, kernel-syms-4.12.14-95.120.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Maintenance Automation 2023-03-28 08:30:23 UTC

SUSE-SU-2023:1609-1: An update that solves 17 vulnerabilities and has 44 fixes can now be installed.

Category: security (important)
Bug References: 1177529, 1193629, 1197534, 1197617, 1198438, 1200054, 1202353, 1202633, 1203200, 1203331, 1204363, 1204993, 1205544, 1205846, 1206103, 1206232, 1206492, 1206493, 1206824, 1206935, 1207051, 1207270, 1207529, 1207560, 1207845, 1207846, 1208179, 1208212, 1208420, 1208449, 1208534, 1208541, 1208542, 1208570, 1208598, 1208599, 1208601, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504
CVE References: CVE-2022-3523, CVE-2022-38096, CVE-2023-0461, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.18.1, kernel-syms-rt-5.14.21-150400.15.18.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_5-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.18.1, kernel-syms-rt-5.14.21-150400.15.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Maintenance Automation 2023-03-28 08:31:40 UTC

SUSE-SU-2023:1608-1: An update that solves 24 vulnerabilities and has 112 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1200054, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207529, 1207560, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208598, 1208599, 1208601, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208829, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504, 1209572
CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1
Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.40.1, kernel-source-azure-5.14.21-150400.14.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Maintenance Automation 2023-03-31 12:30:28 UTC

SUSE-SU-2023:1710-1: An update that solves 19 vulnerabilities and has 111 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1177529, 1193629, 1197534, 1197617, 1198438, 1202353, 1202633, 1203200, 1203331, 1203332, 1204363, 1204993, 1205544, 1205846, 1206103, 1206224, 1206232, 1206459, 1206492, 1206493, 1206640, 1206824, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206889, 1206894, 1206935, 1207051, 1207270, 1207328, 1207529, 1207560, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207628, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207651, 1207653, 1207770, 1207773, 1207845, 1207875, 1208149, 1208153, 1208179, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208570, 1208598, 1208599, 1208601, 1208603, 1208605, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208777, 1208784, 1208787, 1208816, 1208837, 1208843, 1208848, 1209008, 1209159, 1209188, 1209256, 1209258, 1209262, 1209291, 1209436, 1209457, 1209504
CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0461, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545, CVE-2023-28328
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.55.1, kernel-syms-5.14.21-150400.24.55.1, kernel-source-5.14.21-150400.24.55.2, kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7, kernel-obs-build-5.14.21-150400.24.55.3
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.55.2, kernel-default-base-5.14.21-150400.24.55.3.150400.24.22.7
Development Tools Module 15-SP4 (src): kernel-source-5.14.21-150400.24.55.2, kernel-syms-5.14.21-150400.24.55.1, kernel-obs-build-5.14.21-150400.24.55.3
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_10-1-150400.9.3.7

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 41 Maintenance Automation 2023-04-03 12:30:33 UTC

SUSE-SU-2023:0767-1: An update that solves five vulnerabilities and has one fix can now be installed.

Category: security (important)
Bug References: 1203331, 1203332, 1207051, 1207795, 1208700, 1209188
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0590, CVE-2023-23559, CVE-2023-26545
Sources used:
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): kernel-syms-4.4.121-92.202.6, kernel-source-4.4.121-92.202.6

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 43 Maintenance Automation 2023-06-06 12:30:21 UTC

SUSE-SU-2023:0796-2: An update that solves eight vulnerabilities and has 86 fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1177529, 1203331, 1203332, 1204993, 1205544, 1206224, 1206232, 1206459, 1206640, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206889, 1206894, 1207051, 1207270, 1207328, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207628, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207651, 1207653, 1207770, 1207773, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208784, 1208787, 1209188, 1209436
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0461, CVE-2023-0597, CVE-2023-22995, CVE-2023-23559, CVE-2023-26545
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
openSUSE Leap 15.4 (src): kernel-syms-5.14.21-150400.24.49.4, kernel-obs-qa-5.14.21-150400.24.49.2, kernel-source-5.14.21-150400.24.49.4, kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3, kernel-obs-build-5.14.21-150400.24.49.3
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.49.3.150400.24.19.3, kernel-source-5.14.21-150400.24.49.4
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.49.4, kernel-obs-build-5.14.21-150400.24.49.3, kernel-source-5.14.21-150400.24.49.4
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_9-1-150400.9.3.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 44 Maintenance Automation 2023-06-06 12:30:56 UTC

SUSE-SU-2023:0749-2: An update that solves 12 vulnerabilities and has 27 fixes can now be installed.

Category: security (important)
Bug References: 1177529, 1193629, 1197534, 1198438, 1200054, 1202633, 1203331, 1204363, 1204993, 1205544, 1205846, 1206103, 1206232, 1206935, 1207051, 1207270, 1207560, 1207845, 1207846, 1208212, 1208420, 1208449, 1208534, 1208541, 1208542, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208784, 1208787, 1208816, 1208837, 1208843, 1209188, 1209436
CVE References: CVE-2022-3523, CVE-2022-38096, CVE-2023-0461, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23559, CVE-2023-25012, CVE-2023-26545
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.14.1, kernel-source-rt-5.14.21-150400.15.14.2
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_4-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.14.1, kernel-source-rt-5.14.21-150400.15.14.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Maintenance Automation 2023-06-14 08:30:19 UTC

SUSE-SU-2023:2506-1: An update that solves 14 vulnerabilities and has one fix can now be installed.

Category: security (important)
Bug References: 1108488, 1204414, 1207036, 1207051, 1207125, 1207795, 1208837, 1209008, 1209256, 1209291, 1209532, 1209871, 1210336, 1210647, 1211186
CVE References: CVE-2017-5753, CVE-2018-9517, CVE-2022-3567, CVE-2023-0590, CVE-2023-1118, CVE-2023-1513, CVE-2023-1670, CVE-2023-1989, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-28328, CVE-2023-32269
Sources used:
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1
SUSE Linux Enterprise Server 11 SP4 (src): kernel-syms-3.0.101-108.141.1, kernel-source-3.0.101-108.141.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 52 Maintenance Automation 2023-07-11 16:30:58 UTC

SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 53 Maintenance Automation 2023-07-18 16:31:21 UTC

SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 55 Maintenance Automation 2024-02-27 11:01:26 UTC

SUSE-SU-2023:0774-1: An update that solves 17 vulnerabilities and has 92 security fixes can now be installed.

Category: security (important)
Bug References: 1166486, 1177529, 1193629, 1197534, 1198438, 1200054, 1202633, 1203331, 1203332, 1204363, 1204993, 1205544, 1206103, 1206224, 1206232, 1206459, 1206640, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206886, 1206894, 1206935, 1207036, 1207050, 1207051, 1207125, 1207270, 1207328, 1207588, 1207590, 1207591, 1207592, 1207593, 1207594, 1207603, 1207605, 1207606, 1207608, 1207609, 1207613, 1207615, 1207617, 1207618, 1207619, 1207620, 1207621, 1207623, 1207624, 1207625, 1207626, 1207630, 1207631, 1207632, 1207634, 1207635, 1207636, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207768, 1207770, 1207771, 1207773, 1207795, 1207845, 1207875, 1208149, 1208153, 1208183, 1208212, 1208290, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208607, 1208628, 1208700, 1208741, 1208759, 1208776, 1208784, 1208787, 1208816, 1208837, 1208843, 1209188
CVE References: CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2023-0045, CVE-2023-0122, CVE-2023-0461, CVE-2023-0590, CVE-2023-0597, CVE-2023-1118, CVE-2023-22995, CVE-2023-22998, CVE-2023-23000, CVE-2023-23004, CVE-2023-23454, CVE-2023-23455, CVE-2023-23559, CVE-2023-26545
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1
Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.37.1, kernel-source-azure-5.14.21-150400.14.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.