Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-43945 (GCVE-0-2022-43945)
Vulnerability from cvelistv5 – Published: 2022-11-04 00:00 – Updated: 2026-05-12 10:12
VLAI
EPSS
Summary
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-131 - Incorrect Calculation of Buffer Size
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel |
Affected:
< 6.0.2
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221215-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-01T19:08:01.476613Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-01T19:08:43.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:12:31.054Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "\u003c 6.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "CWE-131: Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-08T00:00:00.000Z",
"orgId": "8cad7728-009c-4a3d-a95e-ca62e6ff8a0b",
"shortName": "SNPS"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221215-0006/"
},
{
"url": "http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8cad7728-009c-4a3d-a95e-ca62e6ff8a0b",
"assignerShortName": "SNPS",
"cveId": "CVE-2022-43945",
"datePublished": "2022-11-04T00:00:00.000Z",
"dateReserved": "2022-10-26T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:12:31.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-43945",
"date": "2026-06-02",
"epss": "0.00223",
"percentile": "0.44966"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-43945\",\"sourceIdentifier\":\"disclosure@synopsys.com\",\"published\":\"2022-11-04T19:15:11.180\",\"lastModified\":\"2026-05-12T10:16:38.503\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n NFSD del kernel de Linux anterior a las versiones 5.19.17 y 6.0.2 es vulnerable al desbordamiento del b\u00fafer. NFSD rastrea el n\u00famero de p\u00e1ginas retenidas por cada subproceso NFSD combinando los b\u00faferes de recepci\u00f3n y env\u00edo de una llamada a procedimiento remoto (RPC) en una \u00fanica matriz de p\u00e1ginas. Un cliente puede forzar la reducci\u00f3n del b\u00fafer de env\u00edo enviando un mensaje RPC a trav\u00e9s de TCP con datos basura agregados al final del mensaje. El mensaje RPC con datos basura todav\u00eda est\u00e1 formado correctamente seg\u00fan la especificaci\u00f3n y se pasa a los controladores. El c\u00f3digo vulnerable en NFSD no espera la solicitud de gran tama\u00f1o y escribe m\u00e1s all\u00e1 del espacio de b\u00fafer asignado. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"disclosure@synopsys.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-131\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.19.17\",\"matchCriteriaId\":\"E287B74B-5F32-4BA9-801E-4C57E101C790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.0.2\",\"matchCriteriaId\":\"B0624AD1-5A88-463E-96D1-F938FCBA6EEA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html\",\"source\":\"disclosure@synopsys.com\"},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8\",\"source\":\"disclosure@synopsys.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221215-0006/\",\"source\":\"disclosure@synopsys.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221215-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221215-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T13:40:06.873Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:12:31.054Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-43945\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-01T19:08:01.476613Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-01T19:08:21.337Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 6.0.2\"}]}], \"references\": [{\"url\": \"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221215-0006/\"}, {\"url\": \"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-131\", \"description\": \"CWE-131: Incorrect Calculation of Buffer Size\"}]}], \"providerMetadata\": {\"orgId\": \"8cad7728-009c-4a3d-a95e-ca62e6ff8a0b\", \"shortName\": \"SNPS\", \"dateUpdated\": \"2023-03-08T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-43945\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:12:31.054Z\", \"dateReserved\": \"2022-10-26T00:00:00.000Z\", \"assignerOrgId\": \"8cad7728-009c-4a3d-a95e-ca62e6ff8a0b\", \"datePublished\": \"2022-11-04T00:00:00.000Z\", \"assignerShortName\": \"SNPS\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2022:4527-1
Vulnerability from csaf_suse - Published: 2022-12-17 12:05 - Updated: 2022-12-17 12:05Summary
Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_111 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4527,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4527
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_111 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4527,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4527",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4527-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4527-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224527-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4527-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013260.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2022-12-17T12:05:41Z",
"generator": {
"date": "2022-12-17T12:05:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4527-1",
"initial_release_date": "2022-12-17T12:05:41Z",
"revision_history": [
{
"date": "2022-12-17T12:05:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T12:05:41Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T12:05:41Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T12:05:41Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T12:05:41Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_111-default-10-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T12:05:41Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4528-1
Vulnerability from csaf_suse - Published: 2022-12-17 17:34 - Updated: 2022-12-17 17:34Summary
Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_60 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3577: Fixed an out-of-bounds memory write in bigben_probe of drivers/hid/hid-bigbenff.c (bsc#1204470).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bsc#1202686).
Patchnames: SUSE-2022-4528,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4528,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4532
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
64 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_60 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3577: Fixed an out-of-bounds memory write in bigben_probe of drivers/hid/hid-bigbenff.c (bsc#1204470).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices (bsc#1202686).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4528,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4528,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4532",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4528-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4528-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224528-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4528-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013264.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203008",
"url": "https://bugzilla.suse.com/1203008"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204486",
"url": "https://bugzilla.suse.com/1204486"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1205815",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2964 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3577 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2022-12-17T17:34:13Z",
"generator": {
"date": "2022-12-17T17:34:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4528-1",
"initial_release_date": "2022-12-17T17:34:13Z",
"revision_history": [
{
"date": "2022-12-17T17:34:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_49-preempt-16-150300.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_49-preempt-16-150300.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_49-preempt-16-150300.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2964"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2964",
"url": "https://www.suse.com/security/cve/CVE-2022-2964"
},
{
"category": "external",
"summary": "SUSE Bug 1202686 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1202686"
},
{
"category": "external",
"summary": "SUSE Bug 1203008 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1203008"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1208044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3577"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3577",
"url": "https://www.suse.com/security/cve/CVE-2022-3577"
},
{
"category": "external",
"summary": "SUSE Bug 1204470 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204470"
},
{
"category": "external",
"summary": "SUSE Bug 1204486 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-3577"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4139"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect TLB flush issue was found in the Linux kernel\u0027s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4139",
"url": "https://www.suse.com/security/cve/CVE-2022-4139"
},
{
"category": "external",
"summary": "SUSE Bug 1205700 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205700"
},
{
"category": "external",
"summary": "SUSE Bug 1205815 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_49-default-16-150300.2.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_60-default-14-150300.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T17:34:13Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4533-1
Vulnerability from csaf_suse - Published: 2022-12-17 18:34 - Updated: 2022-12-17 18:34Summary
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4533,SUSE-SLE-Live-Patching-12-SP4-2022-4533,SUSE-SLE-Live-Patching-12-SP4-2022-4535,SUSE-SLE-Live-Patching-12-SP4-2022-4538,SUSE-SLE-Live-Patching-12-SP5-2022-4530,SUSE-SLE-Live-Patching-12-SP5-2022-4536,SUSE-SLE-Live-Patching-12-SP5-2022-4540,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4537
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4533,SUSE-SLE-Live-Patching-12-SP4-2022-4533,SUSE-SLE-Live-Patching-12-SP4-2022-4535,SUSE-SLE-Live-Patching-12-SP4-2022-4538,SUSE-SLE-Live-Patching-12-SP5-2022-4530,SUSE-SLE-Live-Patching-12-SP5-2022-4536,SUSE-SLE-Live-Patching-12-SP5-2022-4540,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4537",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4533-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4533-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224533-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4533-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013262.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2022-12-17T18:34:12Z",
"generator": {
"date": "2022-12-17T18:34:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4533-1",
"initial_release_date": "2022-12-17T18:34:12Z",
"revision_history": [
{
"date": "2022-12-17T18:34:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"product_id": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"product_id": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:34:12Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:34:12Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:34:12Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:34:12Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_102-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_105-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_108-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_121-default-8-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_124-default-7-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_127-default-5-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-5-150100.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:34:12Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4534-1
Vulnerability from csaf_suse - Published: 2022-12-17 18:05 - Updated: 2022-12-17 18:05Summary
Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_71 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3577: Fixed an out-of-bounds memory write in bigben_probe of drivers/hid/hid-bigbenff.c (bsc#1204470).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4534,SUSE-SLE-Module-Live-Patching-15-SP2-2022-4531,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4534
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
58 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_71 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3577: Fixed an out-of-bounds memory write in bigben_probe of drivers/hid/hid-bigbenff.c (bsc#1204470).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4534,SUSE-SLE-Module-Live-Patching-15-SP2-2022-4531,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4534",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4534-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4534-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224534-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4534-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013265.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204486",
"url": "https://bugzilla.suse.com/1204486"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1205815",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3577 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2022-12-17T18:05:08Z",
"generator": {
"date": "2022-12-17T18:05:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4534-1",
"initial_release_date": "2022-12-17T18:05:08Z",
"revision_history": [
{
"date": "2022-12-17T18:05:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_71-preempt-9-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_71-preempt-9-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_71-preempt-9-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3577"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3577",
"url": "https://www.suse.com/security/cve/CVE-2022-3577"
},
{
"category": "external",
"summary": "SUSE Bug 1204470 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204470"
},
{
"category": "external",
"summary": "SUSE Bug 1204486 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-3577"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4139"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect TLB flush issue was found in the Linux kernel\u0027s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4139",
"url": "https://www.suse.com/security/cve/CVE-2022-4139"
},
{
"category": "external",
"summary": "SUSE Bug 1205700 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205700"
},
{
"category": "external",
"summary": "SUSE Bug 1205815 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-3-150200.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_71-default-9-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T18:05:08Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4539-1
Vulnerability from csaf_suse - Published: 2022-12-17 19:04 - Updated: 2022-12-17 19:04Summary
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_126 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
Patchnames: SUSE-2022-4539,SUSE-SLE-Live-Patching-12-SP4-2022-4529,SUSE-SLE-Module-Live-Patching-15-2022-4541,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4539
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_126 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4539,SUSE-SLE-Live-Patching-12-SP4-2022-4529,SUSE-SLE-Module-Live-Patching-15-2022-4541,SUSE-SLE-Module-Live-Patching-15-SP1-2022-4539",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4539-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4539-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224539-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4539-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013263.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2022-12-17T19:04:56Z",
"generator": {
"date": "2022-12-17T19:04:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4539-1",
"initial_release_date": "2022-12-17T19:04:56Z",
"revision_history": [
{
"date": "2022-12-17T19:04:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-95_111-default-2-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:04:56Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:04:56Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:04:56Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_111-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_126-default-2-150100.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150000_150_104-default-2-150000.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:04:56Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4542-1
Vulnerability from csaf_suse - Published: 2022-12-17 19:34 - Updated: 2022-12-17 19:34Summary
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_24_33 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
- CVE-2021-39698: Fixed a use-after-free in aio_poll_complete_work of aio.c (bsc#1196956).
Patchnames: SUSE-2022-4542,SUSE-SLE-Module-Live-Patching-15-SP4-2022-4542
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_33 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).\n- CVE-2021-39698: Fixed a use-after-free in aio_poll_complete_work of aio.c (bsc#1196956).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4542,SUSE-SLE-Module-Live-Patching-15-SP4-2022-4542",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4542-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4542-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224542-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4542-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013266.html"
},
{
"category": "self",
"summary": "SUSE Bug 1196959",
"url": "https://bugzilla.suse.com/1196959"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1205815",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-39698 page",
"url": "https://www.suse.com/security/cve/CVE-2021-39698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2022-12-17T19:34:08Z",
"generator": {
"date": "2022-12-17T19:34:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4542-1",
"initial_release_date": "2022-12-17T19:34:08Z",
"revision_history": [
{
"date": "2022-12-17T19:34:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-39698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-39698"
}
],
"notes": [
{
"category": "general",
"text": "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-39698",
"url": "https://www.suse.com/security/cve/CVE-2021-39698"
},
{
"category": "external",
"summary": "SUSE Bug 1196956 for CVE-2021-39698",
"url": "https://bugzilla.suse.com/1196956"
},
{
"category": "external",
"summary": "SUSE Bug 1196959 for CVE-2021-39698",
"url": "https://bugzilla.suse.com/1196959"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2021-39698",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:34:08Z",
"details": "important"
}
],
"title": "CVE-2021-39698"
},
{
"cve": "CVE-2022-4139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4139"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect TLB flush issue was found in the Linux kernel\u0027s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4139",
"url": "https://www.suse.com/security/cve/CVE-2022-4139"
},
{
"category": "external",
"summary": "SUSE Bug 1205700 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205700"
},
{
"category": "external",
"summary": "SUSE Bug 1205815 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:34:08Z",
"details": "important"
}
],
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:34:08Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_33-default-2-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T19:34:08Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4543-1
Vulnerability from csaf_suse - Published: 2022-12-17 23:34 - Updated: 2022-12-17 23:34Summary
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_87 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4543,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4543
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
53 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_87 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4543,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4543",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4543-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4543-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224543-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4543-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013268.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1205815",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2022-12-17T23:34:04Z",
"generator": {
"date": "2022-12-17T23:34:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4543-1",
"initial_release_date": "2022-12-17T23:34:04Z",
"revision_history": [
{
"date": "2022-12-17T23:34:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_87-preempt-7-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_87-preempt-7-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_87-preempt-7-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4139"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect TLB flush issue was found in the Linux kernel\u0027s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4139",
"url": "https://www.suse.com/security/cve/CVE-2022-4139"
},
{
"category": "external",
"summary": "SUSE Bug 1205700 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205700"
},
{
"category": "external",
"summary": "SUSE Bug 1205815 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_87-default-7-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:04Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4544-1
Vulnerability from csaf_suse - Published: 2022-12-17 23:34 - Updated: 2022-12-17 23:34Summary
Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)
Description of the patch: This update for the Linux Kernel 5.3.18-150300_59_90 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
- CVE-2022-3640: Fixed a use-after-free in l2cap_conn_del of the file net/bluetooth/l2cap_core.c (bsc#1204619).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4544,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4544
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
59 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_90 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).\n- CVE-2022-3640: Fixed a use-after-free in l2cap_conn_del of the file net/bluetooth/l2cap_core.c (bsc#1204619).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4544,SUSE-SLE-Module-Live-Patching-15-SP3-2022-4544",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4544-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4544-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224544-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4544-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013270.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1204624",
"url": "https://bugzilla.suse.com/1204624"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1205815",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3640 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2022-12-17T23:34:15Z",
"generator": {
"date": "2022-12-17T23:34:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4544-1",
"initial_release_date": "2022-12-17T23:34:15Z",
"revision_history": [
{
"date": "2022-12-17T23:34:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_90-preempt-6-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_90-preempt-6-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_90-preempt-6-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-3640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3640"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3640",
"url": "https://www.suse.com/security/cve/CVE-2022-3640"
},
{
"category": "external",
"summary": "SUSE Bug 1204619 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1204619"
},
{
"category": "external",
"summary": "SUSE Bug 1204624 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1204624"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-3640"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4139"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect TLB flush issue was found in the Linux kernel\u0027s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4139",
"url": "https://www.suse.com/security/cve/CVE-2022-4139"
},
{
"category": "external",
"summary": "SUSE Bug 1205700 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205700"
},
{
"category": "external",
"summary": "SUSE Bug 1205815 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1205815"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4139",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_90-default-6-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-17T23:34:15Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4545-1
Vulnerability from csaf_suse - Published: 2022-12-18 00:05 - Updated: 2022-12-18 00:05Summary
Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_133 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
Patchnames: SUSE-2022-4545,SUSE-SLE-Live-Patching-12-SP5-2022-4545
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_133 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n- CVE-2022-41218: Fixed a use-after-free caused by refcount races, affecting dvb_demux_open() and dvb_dmxdev_release() in drivers/media/dvb-core/dmxdev.c (bsc#1202960).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4545,SUSE-SLE-Live-Patching-12-SP5-2022-4545",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4545-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4545-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224545-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4545-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013267.html"
},
{
"category": "self",
"summary": "SUSE Bug 1203606",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2022-12-18T00:05:33Z",
"generator": {
"date": "2022-12-18T00:05:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4545-1",
"initial_release_date": "2022-12-18T00:05:33Z",
"revision_history": [
{
"date": "2022-12-18T00:05:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_133-default-3-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:33Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:33Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-41218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41218"
}
],
"notes": [
{
"category": "general",
"text": "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41218",
"url": "https://www.suse.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "SUSE Bug 1202960 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1202960"
},
{
"category": "external",
"summary": "SUSE Bug 1203606 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1203606"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-41218",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:33Z",
"details": "important"
}
],
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:33Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_133-default-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:33Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
SUSE-SU-2022:4546-1
Vulnerability from csaf_suse - Published: 2022-12-18 00:05 - Updated: 2022-12-18 00:05Summary
Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_136 fixes several issues.
The following security issues were fixed:
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).
Patchnames: SUSE-2022-4546,SUSE-SLE-Live-Patching-12-SP5-2022-4546
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_136 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).\n- CVE-2022-3545: Fixed a use-after-free in area_cache_get() of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bsc#1204415).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4546,SUSE-SLE-Live-Patching-12-SP5-2022-4546",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_4546-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:4546-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20224546-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:4546-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013269.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204424",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "self",
"summary": "SUSE Bug 1204576",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "self",
"summary": "SUSE Bug 1205130",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "self",
"summary": "SUSE Bug 1206228",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2022-12-18T00:05:43Z",
"generator": {
"date": "2022-12-18T00:05:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:4546-1",
"initial_release_date": "2022-12-18T00:05:43Z",
"revision_history": [
{
"date": "2022-12-18T00:05:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_136-default-2-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:43Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:43Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-4378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4378"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4378",
"url": "https://www.suse.com/security/cve/CVE-2022-4378"
},
{
"category": "external",
"summary": "SUSE Bug 1206207 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206207"
},
{
"category": "external",
"summary": "SUSE Bug 1206228 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1206228"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1211118 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1211118"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218483 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218483"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2022-4378",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:43Z",
"details": "important"
}
],
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_136-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-18T00:05:43Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…