1211037 – (CVE-2023-2483) VUL-0: CVE-2023-2483: kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()

Bug 1211037 (CVE-2023-2483) - VUL-0: CVE-2023-2483: kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()

Summary: VUL-0: CVE-2023-2483: kernel: net: qcom/emac: race condition leading to use-a...

Status:	RESOLVED FIXED
Duplicates (1):	CVE-2023-33203 (view as bug list)

Alias:	CVE-2023-2483

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/364941/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-2483:6.4:(AV:L...
Keywords:

Depends on:
Blocks:	1211038
	Show dependency tree / graph

Clone This Bug

Reported:	2023-05-03 06:41 UTC by Alexander Bergmann
Modified:	2024-06-25 17:38 UTC (History)
CC List:	8 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2023-05-03 06:41:06 UTC

CVE-2023-2483

In emac_probe, &adpt->work_thread is bound with emac_work_thread. Then it will be started by timeout handler emac_tx_timeout or a IRQ handler emac_isr. If we remove the driver which will call emac_remove to make cleanup, there may be a unfinished work. This could lead to a use-after-free.

Upstream fix:
https://github.com/torvalds/linux/commit/6b6bc5b8bd2d

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2483
https://bugzilla.redhat.com/show_bug.cgi?id=2192667

Comment 1 Michal Hocko 2023-05-03 06:58:20 UTC

Fixes: b9b17de ("net: emac: emac gigabit ethernet controller driver") suggests this is 4.9+ relevant. The fix is rather straightforward but is this really security related? Is there any way how an unprivileged user can trigger the module removal?

Comment 3 Alexander Bergmann 2023-05-03 07:15:15 UTC

@Michal, yes, that's the old discussion about the root user. (In reply to Michal Hocko from comment #1)

> Is there any way how an unprivileged user can trigger the module removal?

I know, that's the old discussion about the root user we had so many times. Nevertheless, we should fix this.

I've changed the "Privileges Required" (PR) vector to "High". CVSSv3.1 score is now 6.4. Closing the live patch bug bsc#1211038.

Comment 4 Hannes Reinecke 2023-05-03 07:53:05 UTC

Denis, can you have a look here?

Comment 7 Denis Kirjanov 2023-05-04 16:50:27 UTC

(In reply to Hannes Reinecke from comment #4)
> Denis, can you have a look here?

pushed to cve/linux-4.12, cve/linux-5.3 and adjusted references in SLE15-SP4 and SLE15-SP5

Comment 11 Maintenance Automation 2023-05-10 20:30:21 UTC

SUSE-SU-2023:2162-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-source-azure-4.12.14-16.133.1, kernel-syms-azure-4.12.14-16.133.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 12 Maintenance Automation 2023-05-11 08:30:14 UTC

SUSE-SU-2023:2163-1: An update that solves 12 vulnerabilities and has 17 fixes can now be installed.

Category: security (important)
Bug References: 1142685, 1142926, 1174777, 1190544, 1202353, 1205128, 1207088, 1209342, 1209687, 1209777, 1209871, 1209887, 1209969, 1209999, 1210202, 1210301, 1210329, 1210336, 1210337, 1210430, 1210460, 1210466, 1210469, 1210498, 1210506, 1210534, 1210647, 1210827, 1211037
CVE References: CVE-2020-36691, CVE-2022-43945, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-2483, CVE-2023-30772
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src): kgraft-patch-SLE12-SP5_Update_43-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): kernel-obs-build-4.12.14-122.159.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): kernel-syms-4.12.14-122.159.1, kernel-source-4.12.14-122.159.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Marcus Meissner 2023-05-16 15:12:53 UTC

*** Bug 1210685 has been marked as a duplicate of this bug. ***

Comment 16 Maintenance Automation 2023-05-17 16:30:15 UTC

SUSE-SU-2023:2232-1: An update that solves 28 vulnerabilities and has 14 fixes can now be installed.

Category: security (important)
Bug References: 1076830, 1194535, 1202353, 1205128, 1207036, 1207125, 1207168, 1207185, 1207795, 1207845, 1208179, 1208333, 1208599, 1208777, 1208837, 1208850, 1209008, 1209052, 1209256, 1209289, 1209291, 1209532, 1209547, 1209549, 1209613, 1209687, 1209777, 1209778, 1209845, 1209871, 1209887, 1210124, 1210202, 1210301, 1210329, 1210336, 1210337, 1210469, 1210498, 1210506, 1210647, 1211037
CVE References: CVE-2017-5753, CVE-2020-36691, CVE-2021-3923, CVE-2021-4203, CVE-2022-20567, CVE-2022-43945, CVE-2023-0590, CVE-2023-0597, CVE-2023-1076, CVE-2023-1095, CVE-2023-1118, CVE-2023-1390, CVE-2023-1513, CVE-2023-1611, CVE-2023-1670, CVE-2023-1855, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2124, CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-28328, CVE-2023-28464, CVE-2023-28772, CVE-2023-30772
Sources used:
SUSE OpenStack Cloud 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE OpenStack Cloud Crowbar 9 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1, drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise High Availability Extension 12 SP4 (src): drbd-9.0.14+git.62f906cf-4.26.2
SUSE Linux Enterprise Live Patching 12-SP4 (src): kgraft-patch-SLE12-SP4_Update_35-1-6.5.1
SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1
SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): kernel-source-4.12.14-95.125.1, kernel-syms-4.12.14-95.125.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Maintenance Automation 2023-06-13 16:30:10 UTC

SUSE-SU-2023:2502-1: An update that solves 21 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Real Time Module 15-SP3 (src): kernel-syms-rt-5.3.18-150300.130.1, kernel-source-rt-5.3.18-150300.130.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Maintenance Automation 2023-06-13 16:30:23 UTC

SUSE-SU-2023:2501-1: An update that solves 16 vulnerabilities and has 22 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1118212, 1129770, 1154048, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1209287, 1209366, 1209857, 1210544, 1210629, 1210715, 1210783, 1210806, 1210940, 1211037, 1211044, 1211105, 1211186, 1211275, 1211360, 1211361, 1211362, 1211363, 1211364, 1211365, 1211366, 1211466, 1211592, 1211622, 1211801, 1211816, 1211960
CVE References: CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1380, CVE-2023-2176, CVE-2023-2194, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28466, CVE-2023-31084, CVE-2023-31436, CVE-2023-32269
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src): kernel-syms-rt-4.12.14-10.127.1, kernel-source-rt-4.12.14-10.127.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Maintenance Automation 2023-06-13 16:30:38 UTC

SUSE-SU-2023:2500-1: An update that solves 23 vulnerabilities, contains 14 features and has 52 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210566, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211187, 1211205, 1211260, 1211263, 1211280, 1211281, 1211395, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211819, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1
Public Cloud Module 15-SP4 (src): kernel-source-azure-5.14.21-150400.14.52.1, kernel-syms-azure-5.14.21-150400.14.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Maintenance Automation 2023-06-19 08:30:14 UTC

SUSE-SU-2023:2534-1: An update that solves 16 vulnerabilities and has 10 fixes can now be installed.

Category: security (important)
Bug References: 1172073, 1191731, 1199046, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206878, 1208600, 1209287, 1209366, 1210629, 1210715, 1210783, 1210791, 1210940, 1211037, 1211089, 1211105, 1211186, 1211519, 1211592, 1211622, 1211796
CVE References: CVE-2022-3566, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1077, CVE-2023-1380, CVE-2023-2176, CVE-2023-2194, CVE-2023-2483, CVE-2023-2513, CVE-2023-28466, CVE-2023-31084, CVE-2023-31436, CVE-2023-32269
Sources used:
SUSE Linux Enterprise Live Patching 15-SP1 (src): kernel-livepatch-SLE15-SP1_Update_41-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.148.1, kernel-obs-build-4.12.14-150100.197.148.1, kernel-source-4.12.14-150100.197.148.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): kernel-syms-4.12.14-150100.197.148.1, kernel-obs-build-4.12.14-150100.197.148.1, kernel-source-4.12.14-150100.197.148.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): kernel-syms-4.12.14-150100.197.148.1, kernel-obs-build-4.12.14-150100.197.148.1, kernel-source-4.12.14-150100.197.148.1
SUSE CaaS Platform 4.0 (src): kernel-syms-4.12.14-150100.197.148.1, kernel-obs-build-4.12.14-150100.197.148.1, kernel-source-4.12.14-150100.197.148.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Maintenance Automation 2023-06-22 08:30:10 UTC

SUSE-SU-2023:2611-1: An update that solves 22 vulnerabilities and has four fixes can now be installed.

Category: security (important)
Bug References: 1184208, 1199636, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210715, 1210783, 1210940, 1211037, 1211043, 1211105, 1211131, 1211186, 1211203, 1211590, 1211592, 1211596, 1211622
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2156, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_33-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Real Time 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Proxy 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Retail Branch Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Manager Server 4.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Enterprise Storage 7.1 (src): kernel-syms-5.3.18-150300.59.124.1, kernel-obs-build-5.3.18-150300.59.124.1, kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1, kernel-source-5.3.18-150300.59.124.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.124.1.150300.18.72.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Maintenance Automation 2023-06-27 12:30:16 UTC

SUSE-SU-2023:2653-1: An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1172073, 1191731, 1193629, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208604, 1208758, 1209287, 1209288, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211855, 1211960
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-33288
Jira References: PED-3692, PED-4022, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19255, SLE-19556
Sources used:
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
openSUSE Leap 15.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1, kernel-syms-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1, kernel-obs-qa-5.14.21-150400.24.66.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1, kernel-source-5.14.21-150400.24.66.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.66.1, kernel-source-5.14.21-150400.24.66.1, kernel-obs-build-5.14.21-150400.24.66.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_13-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 Maintenance Automation 2023-06-27 12:30:38 UTC

SUSE-SU-2023:2651-1: An update that solves 22 vulnerabilities and has 10 fixes can now be installed.

Category: security (important)
Bug References: 1172073, 1184208, 1191731, 1199046, 1204405, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1208474, 1208604, 1209287, 1209779, 1210498, 1210715, 1210783, 1210791, 1210940, 1211037, 1211043, 1211089, 1211105, 1211186, 1211187, 1211260, 1211590, 1211592, 1211596, 1211622, 1211796
CVE References: CVE-2020-36694, CVE-2021-29650, CVE-2022-3566, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1079, CVE-2023-1380, CVE-2023-1637, CVE-2023-2124, CVE-2023-2194, CVE-2023-23586, CVE-2023-2483, CVE-2023-2513, CVE-2023-31084, CVE-2023-31436, CVE-2023-32233, CVE-2023-32269, CVE-2023-33288
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Enterprise Storage 7 (src): kernel-obs-build-5.3.18-150200.24.154.1, kernel-source-5.3.18-150200.24.154.1, kernel-syms-5.3.18-150200.24.154.1, kernel-default-base-5.3.18-150200.24.154.1.150200.9.75.1
SUSE Linux Enterprise Live Patching 15-SP2 (src): kernel-livepatch-SLE15-SP2_Update_37-1-150200.5.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 44 Maintenance Automation 2023-07-04 16:30:22 UTC

SUSE-SU-2023:2782-1: An update that solves 31 vulnerabilities, contains three features and has 70 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1152472, 1152489, 1160435, 1172073, 1189998, 1191731, 1193629, 1194869, 1195655, 1195921, 1203906, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1206024, 1206578, 1207553, 1208050, 1208410, 1208600, 1208604, 1208758, 1209039, 1209287, 1209288, 1209367, 1209856, 1209982, 1210165, 1210294, 1210449, 1210450, 1210498, 1210533, 1210551, 1210647, 1210741, 1210775, 1210783, 1210791, 1210806, 1210940, 1210947, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212448, 1212494, 1212504, 1212513, 1212540, 1212561, 1212563, 1212564, 1212584, 1212592
CVE References: CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1382, CVE-2023-2002, CVE-2023-21102, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2269, CVE-2023-2483, CVE-2023-2513, CVE-2023-28410, CVE-2023-3006, CVE-2023-30456, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828
Jira References: PED-3692, PED-3931, PED-4022
Sources used:
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_8-1-150400.1.9.2
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.37.1, kernel-syms-rt-5.14.21-150400.15.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Maintenance Automation 2023-07-11 16:32:11 UTC

SUSE-SU-2023:2809-1: An update that solves 84 vulnerabilities, contains 25 features and has 320 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1185861, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206578, 1206640, 1206649, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158, 1212350, 1212405, 1212445, 1212448, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212605, 1212606, 1212619, 1212701, 1212741
CVE References: CVE-2020-24588, CVE-2022-2196, CVE-2022-3523, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0386, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1078, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-23454, CVE-2023-23455, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28466, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1, kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_1-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.5.1, kernel-source-rt-5.14.21-150500.13.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 49 Maintenance Automation 2023-07-18 16:32:54 UTC

SUSE-SU-2023:2871-1: An update that solves 82 vulnerabilities, contains 25 features and has 390 fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1187829, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198400, 1198438, 1198835, 1199304, 1199701, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204363, 1204662, 1204993, 1205153, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207036, 1207050, 1207051, 1207088, 1207125, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207933, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208410, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208601, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208741, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209039, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209291, 1209292, 1209366, 1209367, 1209436, 1209457, 1209504, 1209532, 1209556, 1209600, 1209615, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209780, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210335, 1210336, 1210337, 1210409, 1210439, 1210449, 1210450, 1210453, 1210454, 1210498, 1210506, 1210533, 1210551, 1210565, 1210584, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210853, 1210940, 1210943, 1210947, 1210953, 1210986, 1211014, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211205, 1211263, 1211280, 1211281, 1211299, 1211346, 1211387, 1211400, 1211410, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211794, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211852, 1211855, 1211960, 1212051, 1212129, 1212154, 1212155, 1212158, 1212265, 1212350, 1212445, 1212448, 1212456, 1212494, 1212495, 1212504, 1212513, 1212540, 1212556, 1212561, 1212563, 1212564, 1212584, 1212592, 1212603, 1212605, 1212606, 1212619, 1212685, 1212701, 1212741, 1212835, 1212838, 1212842, 1212848, 1212861, 1212869, 1212892, 1212961, 1213010, 1213011, 1213012, 1213013, 1213014, 1213015, 1213016, 1213017, 1213018, 1213019, 1213020, 1213021, 1213024, 1213025, 1213032, 1213034, 1213035, 1213036, 1213037, 1213038, 1213039, 1213040, 1213041, 1213087, 1213088, 1213089, 1213090, 1213092, 1213093, 1213094, 1213095, 1213096, 1213098, 1213099, 1213100, 1213102, 1213103, 1213104, 1213105, 1213106, 1213107, 1213108, 1213109, 1213110, 1213111, 1213112, 1213113, 1213114, 1213116, 1213134
CVE References: CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1249, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1829, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2430, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-28866, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-3212, CVE-2023-3220, CVE-2023-32233, CVE-2023-33288, CVE-2023-3357, CVE-2023-3358, CVE-2023-3389, CVE-2023-33951, CVE-2023-33952, CVE-2023-35788, CVE-2023-35823, CVE-2023-35828, CVE-2023-35829
Jira References: PED-1549, PED-3210, PED-3259, PED-3692, PED-370, PED-3750, PED-3759, PED-376, PED-3931, PED-4022, PED-835, SES-1880, SLE-18375, SLE-18377, SLE-18378, SLE-18379, SLE-18383, SLE-18384, SLE-18385, SLE-18978, SLE-18992, SLE-19001, SLE-19253, SLE-19255, SLE-19556
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-qa-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1, kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-default-base-5.14.21-150500.55.7.1.150500.6.2.5
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.7.1, kernel-syms-5.14.21-150500.55.7.1, kernel-obs-build-5.14.21-150500.55.7.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_1-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 51 Michal Koutný 2023-09-21 17:39:23 UTC

Eh, oh, the breaking b9b17de is backported to SLE12-SP3-LTSS and SLE12-SP3-TD.

Denis, could you please submit additional fix to cve/linux-4.4 or respective target branches?

(Other relevant branches look fixed.)

Comment 52 Denis Kirjanov 2023-10-12 10:01:41 UTC

(In reply to Michal Koutný from comment #51)
> Eh, oh, the breaking b9b17de is backported to SLE12-SP3-LTSS and
> SLE12-SP3-TD.
> 
> Denis, could you please submit additional fix to cve/linux-4.4 or respective
> target branches?
> 
> (Other relevant branches look fixed.)

4.4 doesn't have emac driver from qualcomm. I've pushed to SLE12-SP3-LTSS and
 SLE12-SP3-TD.
Thanks!

Comment 56 Maintenance Automation 2024-02-27 12:01:24 UTC

SUSE-SU-2023:2646-1: An update that solves 69 vulnerabilities, contains six features and has 292 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1109158, 1142685, 1152472, 1152489, 1155798, 1160435, 1166486, 1172073, 1174777, 1177529, 1186449, 1189998, 1189999, 1191731, 1193629, 1194869, 1195175, 1195655, 1195921, 1196058, 1197534, 1197617, 1198101, 1198438, 1198835, 1199304, 1200054, 1202353, 1202633, 1203039, 1203200, 1203325, 1203331, 1203332, 1203693, 1203906, 1204356, 1204662, 1204993, 1205191, 1205205, 1205544, 1205650, 1205756, 1205758, 1205760, 1205762, 1205803, 1205846, 1206024, 1206036, 1206056, 1206057, 1206103, 1206224, 1206232, 1206340, 1206459, 1206492, 1206493, 1206552, 1206578, 1206640, 1206649, 1206677, 1206824, 1206843, 1206876, 1206877, 1206878, 1206880, 1206881, 1206882, 1206883, 1206884, 1206885, 1206886, 1206887, 1206888, 1206889, 1206890, 1206891, 1206893, 1206894, 1206935, 1206992, 1207034, 1207050, 1207088, 1207149, 1207158, 1207168, 1207185, 1207270, 1207315, 1207328, 1207497, 1207500, 1207501, 1207506, 1207507, 1207521, 1207553, 1207560, 1207574, 1207588, 1207589, 1207590, 1207591, 1207592, 1207593, 1207594, 1207602, 1207603, 1207605, 1207606, 1207607, 1207608, 1207609, 1207610, 1207611, 1207612, 1207613, 1207614, 1207615, 1207616, 1207617, 1207618, 1207619, 1207620, 1207621, 1207622, 1207623, 1207624, 1207625, 1207626, 1207627, 1207628, 1207629, 1207630, 1207631, 1207632, 1207633, 1207634, 1207635, 1207636, 1207637, 1207638, 1207639, 1207640, 1207641, 1207642, 1207643, 1207644, 1207645, 1207646, 1207647, 1207648, 1207649, 1207650, 1207651, 1207652, 1207653, 1207734, 1207768, 1207769, 1207770, 1207771, 1207773, 1207795, 1207827, 1207842, 1207845, 1207875, 1207878, 1207935, 1207948, 1208050, 1208076, 1208081, 1208105, 1208107, 1208128, 1208130, 1208149, 1208153, 1208183, 1208212, 1208219, 1208290, 1208368, 1208420, 1208428, 1208429, 1208449, 1208534, 1208541, 1208542, 1208570, 1208588, 1208598, 1208599, 1208600, 1208602, 1208604, 1208605, 1208607, 1208619, 1208628, 1208700, 1208758, 1208759, 1208776, 1208777, 1208784, 1208787, 1208815, 1208816, 1208829, 1208837, 1208843, 1208845, 1208848, 1208864, 1208902, 1208948, 1208976, 1209008, 1209052, 1209092, 1209159, 1209256, 1209258, 1209262, 1209287, 1209288, 1209290, 1209292, 1209367, 1209457, 1209504, 1209532, 1209556, 1209600, 1209635, 1209636, 1209637, 1209684, 1209687, 1209693, 1209739, 1209779, 1209788, 1209798, 1209799, 1209804, 1209805, 1209856, 1209871, 1209927, 1209980, 1209982, 1209999, 1210034, 1210050, 1210158, 1210165, 1210202, 1210203, 1210206, 1210216, 1210230, 1210294, 1210301, 1210329, 1210336, 1210409, 1210439, 1210449, 1210450, 1210469, 1210498, 1210506, 1210533, 1210551, 1210629, 1210644, 1210647, 1210725, 1210741, 1210762, 1210763, 1210764, 1210765, 1210766, 1210767, 1210768, 1210769, 1210770, 1210771, 1210775, 1210783, 1210791, 1210793, 1210806, 1210816, 1210817, 1210827, 1210940, 1210943, 1210947, 1210953, 1210986, 1211025, 1211037, 1211043, 1211044, 1211089, 1211105, 1211113, 1211131, 1211140, 1211205, 1211263, 1211280, 1211281, 1211299, 1211387, 1211414, 1211449, 1211465, 1211519, 1211564, 1211590, 1211592, 1211593, 1211595, 1211654, 1211686, 1211687, 1211688, 1211689, 1211690, 1211691, 1211692, 1211693, 1211714, 1211796, 1211804, 1211807, 1211808, 1211820, 1211836, 1211847, 1211855, 1211960, 1212129, 1212154, 1212155, 1212158
CVE References: CVE-2022-2196, CVE-2022-36280, CVE-2022-38096, CVE-2022-4269, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2022-4744, CVE-2023-0045, CVE-2023-0122, CVE-2023-0179, CVE-2023-0394, CVE-2023-0461, CVE-2023-0469, CVE-2023-0590, CVE-2023-0597, CVE-2023-1075, CVE-2023-1076, CVE-2023-1077, CVE-2023-1079, CVE-2023-1095, CVE-2023-1118, CVE-2023-1380, CVE-2023-1382, CVE-2023-1513, CVE-2023-1582, CVE-2023-1583, CVE-2023-1611, CVE-2023-1637, CVE-2023-1652, CVE-2023-1670, CVE-2023-1838, CVE-2023-1855, CVE-2023-1989, CVE-2023-1998, CVE-2023-2002, CVE-2023-21102, CVE-2023-21106, CVE-2023-2124, CVE-2023-2156, CVE-2023-2162, CVE-2023-2176, CVE-2023-2235, CVE-2023-2269, CVE-2023-22998, CVE-2023-23000, CVE-2023-23001, CVE-2023-23004, CVE-2023-23006, CVE-2023-2483, CVE-2023-25012, CVE-2023-2513, CVE-2023-26545, CVE-2023-28327, CVE-2023-28410, CVE-2023-28464, CVE-2023-3006, CVE-2023-30456, CVE-2023-30772, CVE-2023-31084, CVE-2023-3141, CVE-2023-31436, CVE-2023-3161, CVE-2023-32233, CVE-2023-33288, CVE-2023-33951, CVE-2023-33952
Jira References: PED-3210, PED-3259, PED-3692, PED-3750, PED-3759, PED-4022
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.3.1, kernel-syms-azure-5.14.21-150500.33.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 60 Robert Frohl 2024-05-07 09:11:34 UTC

done, closing