CVE-2023-3159 (GCVE-0-2023-3159)
Vulnerability from cvelistv5 – Published: 2023-06-12 00:00 – Updated: 2025-04-23 16:21
VLAI
EPSS
Summary
A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.
Severity
6.7 (Medium)
CWE
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:48:08.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-3159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:52.110317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:21:13.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kernel version prior to Kernel 5.18-rc6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-3159",
"datePublished": "2023-06-12T00:00:00.000Z",
"dateReserved": "2023-06-08T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:21:13.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-3159",
"date": "2026-05-29",
"epss": "0.00012",
"percentile": "0.01935"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-3159\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-06-12T21:15:22.937\",\"lastModified\":\"2025-04-23T17:16:35.543\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.18\",\"matchCriteriaId\":\"FE93544F-B946-4
7CF-9697-FBF3484FCB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0384FA0A-DE99-48D7-84E3-46ED0C3B5E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AD94161-84BB-42E6-9882-4FC0C42E9FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB06DDF-3C2B-416D-B448-E990D8FF67A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAE6C6C5-4D21-4C04-897C-70CBBB3D7B91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA5F085D-52F3-4EE2-8353-455D1A6FE073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6EE5B78-0D83-4715-893C-ABD69B49E7FC\"}]}]}],\"references\":[{\"url\":\"https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:48:08.155Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3159\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:27:52.110317Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T15:10:09.499Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"Kernel version prior to Kernel 5.18-rc6\"}]}], \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/b7c81f80246fac44077166f3e07103affe6db8ff\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. 
In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2023-06-12T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-3159\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T16:21:13.455Z\", \"dateReserved\": \"2023-06-08T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2023-06-12T00:00:00.000Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2023:3035-1
Vulnerability from csaf_suse - Published: 2023-07-31 08:58 - Updated: 2023-07-31 08:58
Summary
Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-150200_24_134 fixes several issues.
The following security issues were fixed:
- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3035,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3035
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_134 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3035,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3035",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3035-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3035-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233035-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3035-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015701.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE Bug 1212509",
"url": "https://bugzilla.suse.com/1212509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35788/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-07-31T08:58:24Z",
"generator": {
"date": "2023-07-31T08:58:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3035-1",
"initial_release_date": "2023-07-31T08:58:24Z",
"revision_history": [
{
"date": "2023-07-31T08:58:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_134-preempt-10-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_134-preempt-10-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_134-preempt-10-150200.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T08:58:24Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T08:58:24Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
},
{
"cve": "CVE-2023-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35788"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35788",
"url": "https://www.suse.com/security/cve/CVE-2023-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1212504 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212504"
},
{
"category": "external",
"summary": "SUSE Bug 1212509 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_134-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T08:58:24Z",
"details": "important"
}
],
"title": "CVE-2023-35788"
}
]
}
SUSE-SU-2023:3046-1
Vulnerability from csaf_suse - Published: 2023-07-31 09:33 - Updated: 2023-07-31 09:33
Summary
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.
The following security issues were fixed:
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3046,SUSE-SLE-Module-Live-Patching-15-SP1-2023-3046
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-150100_197_120 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3046,SUSE-SLE-Module-Live-Patching-15-SP1-2023-3046",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3046-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3046-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233046-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3046-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015702.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)",
"tracking": {
"current_release_date": "2023-07-31T09:33:56Z",
"generator": {
"date": "2023-07-31T09:33:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3046-1",
"initial_release_date": "2023-07-31T09:33:56Z",
"revision_history": [
{
"date": "2023-07-31T09:33:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64",
"product_id": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T09:33:56Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_120-default-12-150100.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T09:33:56Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
}
]
}
SUSE-SU-2023:3069-1
Vulnerability from csaf_suse - Published: 2023-07-31 15:34 - Updated: 2023-07-31 15:34
Summary
Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_144 fixes several issues.
The following security issues were fixed:
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3069,SUSE-SLE-Live-Patching-12-SP5-2023-3072
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_144 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3069,SUSE-SLE-Live-Patching-12-SP5-2023-3072",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3069-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3069-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233069-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3069-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015709.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-07-31T15:34:34Z",
"generator": {
"date": "2023-07-31T15:34:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3069-1",
"initial_release_date": "2023-07-31T15:34:34Z",
"revision_history": [
{
"date": "2023-07-31T15:34:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_133-default-10-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_133-default-10-2.3.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_144-default-7-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_133-default-10-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_133-default-10-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T15:34:34Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_144-default-7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T15:34:34Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
}
]
}
SUSE-SU-2023:3073-1
Vulnerability from csaf_suse - Published: 2023-07-31 16:04 - Updated: 2023-07-31 16:04
Summary
Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_150 fixes several issues.
The following security issues were fixed:
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3073,SUSE-SLE-Live-Patching-12-SP5-2023-3073
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_150 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3073,SUSE-SLE-Live-Patching-12-SP5-2023-3073",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3073-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3073-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233073-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3073-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015715.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-07-31T16:04:15Z",
"generator": {
"date": "2023-07-31T16:04:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3073-1",
"initial_release_date": "2023-07-31T16:04:15Z",
"revision_history": [
{
"date": "2023-07-31T16:04:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_150-default-6-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T16:04:15Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_150-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T16:04:15Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
}
]
}
SUSE-SU-2023:3075-1
Vulnerability from csaf_suse - Published: 2023-07-31 17:33 - Updated: 2023-07-31 17:33
Summary
Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-150200_24_126 fixes several issues.
The following security issues were fixed:
- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to perform unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3075,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3075
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_126 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3075,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3075",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3075-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3075-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233075-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3075-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015714.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE Bug 1212509",
"url": "https://bugzilla.suse.com/1212509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35788/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-07-31T17:33:53Z",
"generator": {
"date": "2023-07-31T17:33:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3075-1",
"initial_release_date": "2023-07-31T17:33:53Z",
"revision_history": [
{
"date": "2023-07-31T17:33:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_126-preempt-13-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_126-preempt-13-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_126-preempt-13-150200.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T17:33:53Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T17:33:53Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
},
{
"cve": "CVE-2023-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35788"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35788",
"url": "https://www.suse.com/security/cve/CVE-2023-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1212504 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212504"
},
{
"category": "external",
"summary": "SUSE Bug 1212509 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_126-default-13-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T17:33:53Z",
"details": "important"
}
],
"title": "CVE-2023-35788"
}
]
}
SUSE-SU-2023:3081-1
Vulnerability from csaf_suse - Published: 2023-07-31 20:02 - Updated: 2023-07-31 20:02
Summary
Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-150200_24_151 fixes several issues.
The following security issues were fixed:
- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to perform unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3081,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3081
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_151 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3081,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3081",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3081-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3081-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233081-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3081-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015717.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE Bug 1212509",
"url": "https://bugzilla.suse.com/1212509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35788/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-07-31T20:02:19Z",
"generator": {
"date": "2023-07-31T20:02:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3081-1",
"initial_release_date": "2023-07-31T20:02:19Z",
"revision_history": [
{
"date": "2023-07-31T20:02:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_151-preempt-4-150200.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_151-preempt-4-150200.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_151-preempt-4-150200.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T20:02:19Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T20:02:19Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
},
{
"cve": "CVE-2023-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35788"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35788",
"url": "https://www.suse.com/security/cve/CVE-2023-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1212504 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212504"
},
{
"category": "external",
"summary": "SUSE Bug 1212509 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-4-150200.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-31T20:02:19Z",
"details": "important"
}
],
"title": "CVE-2023-35788"
}
]
}
SUSE-SU-2023:3083-1
Vulnerability from csaf_suse - Published: 2023-08-01 01:34 - Updated: 2023-08-01 01:34
Summary
Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_147 fixes several issues.
The following security issues were fixed:
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3083,SUSE-SLE-Live-Patching-12-SP5-2023-3085
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_147 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3083,SUSE-SLE-Live-Patching-12-SP5-2023-3085",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3083-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3083-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233083-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3083-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015716.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-08-01T01:34:21Z",
"generator": {
"date": "2023-08-01T01:34:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3083-1",
"initial_release_date": "2023-08-01T01:34:21Z",
"revision_history": [
{
"date": "2023-08-01T01:34:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_136-default-9-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_136-default-9-2.3.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_147-default-6-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_136-default-9-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_136-default-9-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T01:34:21Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_147-default-6-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T01:34:21Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
}
]
}
SUSE-SU-2023:3104-1
Vulnerability from csaf_suse - Published: 2023-08-01 14:04 - Updated: 2023-08-01 14:04
Summary
Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)
Description of the patch: This update for the Linux Kernel 4.12.14-122_130 fixes several issues.
The following security issues were fixed:
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3104,SUSE-SLE-Live-Patching-12-SP5-2023-3104
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_130 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3104,SUSE-SLE-Live-Patching-12-SP5-2023-3104",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3104-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3104-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233104-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3104-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015732.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2023-08-01T14:04:20Z",
"generator": {
"date": "2023-08-01T14:04:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3104-1",
"initial_release_date": "2023-08-01T14:04:20Z",
"revision_history": [
{
"date": "2023-08-01T14:04:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"product_id": "kgraft-patch-4_12_14-122_130-default-12-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64",
"product_id": "kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T14:04:20Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_130-default-12-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T14:04:20Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
}
]
}
SUSE-SU-2023:3107-1
Vulnerability from csaf_suse - Published: 2023-08-01 14:05 - Updated: 2023-08-01 14:05
Summary
Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP2)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP2)
Description of the patch: This update for the Linux Kernel 5.3.18-150200_24_129 fixes several issues.
The following security issues were fixed:
- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).
- CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).
Patchnames: SUSE-2023-3107,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3107
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64 | — | | Vendor Fix |
Threats
Impact
important
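7.4 (High) — CVSS 3.1 base score this advisory gives for CVE-2023-35788 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H)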
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP2)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150200_24_129 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212347).\n- CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210566).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3107,SUSE-SLE-Module-Live-Patching-15-SP2-2023-3107",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3107-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3107-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233107-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3107-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015731.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210566",
"url": "https://bugzilla.suse.com/1210566"
},
{
"category": "self",
"summary": "SUSE Bug 1212347",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "self",
"summary": "SUSE Bug 1212509",
"url": "https://bugzilla.suse.com/1212509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2002 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35788/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP2)",
"tracking": {
"current_release_date": "2023-08-01T14:05:16Z",
"generator": {
"date": "2023-08-01T14:05:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3107-1",
"initial_release_date": "2023-08-01T14:05:16Z",
"revision_history": [
{
"date": "2023-08-01T14:05:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_129-preempt-10-150200.2.2.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_129-preempt-10-150200.2.2.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_129-preempt-10-150200.2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-2002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2002"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2002",
"url": "https://www.suse.com/security/cve/CVE-2023-2002"
},
{
"category": "external",
"summary": "SUSE Bug 1210533 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210533"
},
{
"category": "external",
"summary": "SUSE Bug 1210566 for CVE-2023-2002",
"url": "https://bugzilla.suse.com/1210566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T14:05:16Z",
"details": "important"
}
],
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T14:05:16Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
},
{
"cve": "CVE-2023-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35788"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35788",
"url": "https://www.suse.com/security/cve/CVE-2023-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1212504 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212504"
},
{
"category": "external",
"summary": "SUSE Bug 1212509 for CVE-2023-35788",
"url": "https://bugzilla.suse.com/1212509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_129-default-10-150200.2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-01T14:05:16Z",
"details": "important"
}
],
"title": "CVE-2023-35788"
}
]
}
SUSE-SU-2023:3333-1
Vulnerability from csaf_suse - Published: 2023-08-16 10:45 - Updated: 2023-08-16 10:45
Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502).
- CVE-2023-3776: Fixed an improper refcount update in cls_fw that leads to a use-after-free (bsc#1213588).
- CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
- CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
- CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).
- CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
- CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1087082).
- CVE-2017-18344: Fixed an OOB access caused by an invalid check in timer_create (bsc#1102851).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
The following non-security bugs were fixed:
- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
- kABI: restore _copy_from_user on x86_64 and copy_to_user on x86 (bsc#1211738 CVE-2023-0459).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (CVE-2023-3776 bsc#1213588).
- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).
- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).
- posix-timer: Properly check sigevent->sigev_notify (CVE-2017-18344, bsc#1102851, bsc#1208715).
- relayfs: fix out-of-bounds access in relay_file_read (bsc#1212502 CVE-2023-3268).
- uaccess: Add speculation barrier to copy_from_user() (bsc#1211738 CVE-2023-0459).
- vc_screen: don't clobber return value in vcs_read (bsc#1213167 CVE-2023-3567).
- vc_screen: modify vcs_size() handling in vcs_read() (bsc#1213167 CVE-2023-3567).
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (bsc#1213167 CVE-2023-3567).
- x86: Unify copy_from_user() size checking (bsc#1211738 CVE-2023-0459).
- x86/copy_user: Unify the code by removing the 64-bit asm _copy_*_user() variants (bsc#1211738 CVE-2023-0459).
- x86/cpu/amd: Add a Zenbleed fix (bsc#1213286, CVE-2023-20593).
- x86/speculation: Add Gather Data Sampling mitigation (bsc#1206418, CVE-2022-40982).
Patchnames: SUSE-2023-3333,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2023-3333
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
109 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502).\n- CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).\n- CVE-2022-40982: Fixed transient execution attack called \u0027Gather Data Sampling\u0027 (bsc#1206418).\n- CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).\n- CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).\n- CVE-2023-20593: Fixed a ZenBleed issue in \u0027Zen 2\u0027 CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).\n- CVE-2018-3639: Fixed Speculative Store Bypass aka \u0027Memory Disambiguation\u0027 (bsc#1087082).\n- CVE-2017-18344: Fixed an OOB access led by an invalid check in timer_create. (bsc#1102851).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).\n- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).\n- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).\n\nThe following non-security bugs were fixed:\n\n- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).\n- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).\n- kABI: restore _copy_from_user on x86_64 and copy_to_user on x86 (bsc#1211738 CVE-2023-0459).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).\n- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).\n- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).\n- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (CVE-2023-3776 bsc#1213588).\n- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).\n- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).\n- posix-timer: Properly check sigevent-\u003esigev_notify (CVE-2017-18344, bsc#1102851, bsc#1208715).\n- relayfs: fix out-of-bounds access in relay_file_read (bsc#1212502 CVE-2023-3268).\n- uaccess: Add speculation barrier to copy_from_user() (bsc#1211738 CVE-2023-0459).\n- vc_screen: don\u0027t clobber return value in vcs_read (bsc#1213167 CVE-2023-3567).\n- vc_screen: modify vcs_size() handling in vcs_read() (bsc#1213167 CVE-2023-3567).\n- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (bsc#1213167 CVE-2023-3567).\n- x86: Unify copy_from_user() size checking (bsc#1211738 CVE-2023-0459).\n- x86/copy_user: Unify the code by removing the 64-bit asm _copy_*_user() variants (bsc#1211738 CVE-2023-0459).\n- x86/cpu/amd: Add a Zenbleed fix (bsc#1213286, CVE-2023-20593).\n- x86/speculation: Add Gather Data Sampling mitigation (bsc#1206418, CVE-2022-40982).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3333,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2023-3333",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3333-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3333-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233333-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3333-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015911.html"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1102851",
"url": "https://bugzilla.suse.com/1102851"
},
{
"category": "self",
"summary": "SUSE Bug 1205803",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "self",
"summary": "SUSE Bug 1206418",
"url": "https://bugzilla.suse.com/1206418"
},
{
"category": "self",
"summary": "SUSE Bug 1211738",
"url": "https://bugzilla.suse.com/1211738"
},
{
"category": "self",
"summary": "SUSE Bug 1212128",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "self",
"summary": "SUSE Bug 1212129",
"url": "https://bugzilla.suse.com/1212129"
},
{
"category": "self",
"summary": "SUSE Bug 1212154",
"url": "https://bugzilla.suse.com/1212154"
},
{
"category": "self",
"summary": "SUSE Bug 1212501",
"url": "https://bugzilla.suse.com/1212501"
},
{
"category": "self",
"summary": "SUSE Bug 1212502",
"url": "https://bugzilla.suse.com/1212502"
},
{
"category": "self",
"summary": "SUSE Bug 1213167",
"url": "https://bugzilla.suse.com/1213167"
},
{
"category": "self",
"summary": "SUSE Bug 1213286",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "self",
"summary": "SUSE Bug 1213588",
"url": "https://bugzilla.suse.com/1213588"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18344 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-40982 page",
"url": "https://www.suse.com/security/cve/CVE-2022-40982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45919 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0459 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3141 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3159 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3161 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3268 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3567 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-35824 page",
"url": "https://www.suse.com/security/cve/CVE-2023-35824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3776 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3776/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-08-16T10:45:46Z",
"generator": {
"date": "2023-08-16T10:45:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3333-1",
"initial_release_date": "2023-08-16T10:45:46Z",
"revision_history": [
{
"date": "2023-08-16T10:45:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-debug-3.0.101-108.144.1.i586",
"product_id": "kernel-debug-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-debug-base-3.0.101-108.144.1.i586",
"product_id": "kernel-debug-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-debug-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-debug-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-debug-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-debug-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-debug-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.144.1.i586",
"product_id": "kernel-default-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.144.1.i586",
"product_id": "kernel-default-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-default-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-default-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-default-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-default-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.144.1.i586",
"product_id": "kernel-ec2-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.144.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-ec2-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-ec2-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.144.1.i586",
"product_id": "kernel-pae-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.144.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-pae-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-pae-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-pae-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-pae-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.144.1.i586",
"product_id": "kernel-source-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.i586",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.144.1.i586",
"product_id": "kernel-syms-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.144.1.i586",
"product_id": "kernel-trace-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.144.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-trace-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-trace-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-trace-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-vanilla-3.0.101-108.144.1.i586",
"product_id": "kernel-vanilla-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.144.1.i586",
"product_id": "kernel-vanilla-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-vanilla-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-vanilla-hmac-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.144.1.i586",
"product_id": "kernel-xen-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.144.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.144.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-xen-extra-3.0.101-108.144.1.i586",
"product_id": "kernel-xen-extra-3.0.101-108.144.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.144.1.i586",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.144.1.i586",
"product_id": "kernel-xen-hmac-3.0.101-108.144.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.ia64",
"product": {
"name": "kernel-source-3.0.101-108.144.1.ia64",
"product_id": "kernel-source-3.0.101-108.144.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.ia64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.ia64",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-108.144.1.noarch",
"product": {
"name": "kernel-docs-3.0.101-108.144.1.noarch",
"product_id": "kernel-docs-3.0.101-108.144.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.ppc",
"product": {
"name": "kernel-source-3.0.101-108.144.1.ppc",
"product_id": "kernel-source-3.0.101-108.144.1.ppc"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.ppc",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.ppc",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.ppc"
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.144.1.ppc64",
"product_id": "kernel-source-3.0.101-108.144.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.ppc64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.ppc64",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.s390",
"product": {
"name": "kernel-source-3.0.101-108.144.1.s390",
"product_id": "kernel-source-3.0.101-108.144.1.s390"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.s390",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.s390",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.144.1.s390x",
"product_id": "kernel-source-3.0.101-108.144.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.s390x",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.s390x",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-debug-3.0.101-108.144.1.x86_64",
"product_id": "kernel-debug-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-debug-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-debug-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-debug-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-debug-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-debug-extra-3.0.101-108.144.1.x86_64",
"product_id": "kernel-debug-extra-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-debug-hmac-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.144.1.x86_64",
"product_id": "kernel-default-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-default-extra-3.0.101-108.144.1.x86_64",
"product_id": "kernel-default-extra-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-default-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-default-hmac-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.144.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.144.1.x86_64",
"product_id": "kernel-ec2-extra-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-ec2-hmac-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.144.1.x86_64",
"product_id": "kernel-source-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.144.1.x86_64",
"product_id": "kernel-source-vanilla-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.144.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.144.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-trace-extra-3.0.101-108.144.1.x86_64",
"product_id": "kernel-trace-extra-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-trace-hmac-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-vanilla-3.0.101-108.144.1.x86_64",
"product_id": "kernel-vanilla-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-vanilla-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-vanilla-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-vanilla-hmac-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.144.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.144.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.144.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-xen-extra-3.0.101-108.144.1.x86_64",
"product_id": "kernel-xen-extra-3.0.101-108.144.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.144.1.x86_64",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.144.1.x86_64",
"product_id": "kernel-xen-hmac-3.0.101-108.144.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.144.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.144.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-18344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18344"
}
],
"notes": [
{
"category": "general",
"text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18344",
"url": "https://www.suse.com/security/cve/CVE-2017-18344"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102851 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1102851"
},
{
"category": "external",
"summary": "SUSE Bug 1103203 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "external",
"summary": "SUSE Bug 1103580 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1103580"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2017-18344",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-18344"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2022-40982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-40982"
}
],
"notes": [
{
"category": "general",
"text": "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-40982",
"url": "https://www.suse.com/security/cve/CVE-2022-40982"
},
{
"category": "external",
"summary": "SUSE Bug 1206418 for CVE-2022-40982",
"url": "https://bugzilla.suse.com/1206418"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2022-40982",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-40982"
},
{
"cve": "CVE-2022-45919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45919"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur if there is a disconnect after an open, because of the lack of a wait_event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45919",
"url": "https://www.suse.com/security/cve/CVE-2022-45919"
},
{
"category": "external",
"summary": "SUSE Bug 1205803 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1208912 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208912"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "important"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-0459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0459"
}
],
"notes": [
{
"category": "general",
"text": "Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec, allowing a user to bypass the \"access_ok\" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0459",
"url": "https://www.suse.com/security/cve/CVE-2023-0459"
},
{
"category": "external",
"summary": "SUSE Bug 1211738 for CVE-2023-0459",
"url": "https://bugzilla.suse.com/1211738"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-0459",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-0459"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
},
{
"cve": "CVE-2023-3141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3141"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3141",
"url": "https://www.suse.com/security/cve/CVE-2023-3141"
},
{
"category": "external",
"summary": "SUSE Bug 1212129 for CVE-2023-3141",
"url": "https://bugzilla.suse.com/1212129"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3141",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-3141"
},
{
"cve": "CVE-2023-3159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3159"
}
],
"notes": [
{
"category": "general",
"text": "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3159",
"url": "https://www.suse.com/security/cve/CVE-2023-3159"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1212128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212128"
},
{
"category": "external",
"summary": "SUSE Bug 1212347 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1212347"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3159",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "important"
}
],
"title": "CVE-2023-3159"
},
{
"cve": "CVE-2023-3161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3161"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-\u003ewidth and font-\u003eheight greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3161",
"url": "https://www.suse.com/security/cve/CVE-2023-3161"
},
{
"category": "external",
"summary": "SUSE Bug 1212154 for CVE-2023-3161",
"url": "https://bugzilla.suse.com/1212154"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3161",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-3161"
},
{
"cve": "CVE-2023-3268",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3268"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3268",
"url": "https://www.suse.com/security/cve/CVE-2023-3268"
},
{
"category": "external",
"summary": "SUSE Bug 1212502 for CVE-2023-3268",
"url": "https://bugzilla.suse.com/1212502"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3268",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-3268"
},
{
"cve": "CVE-2023-3567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3567"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3567",
"url": "https://www.suse.com/security/cve/CVE-2023-3567"
},
{
"category": "external",
"summary": "SUSE Bug 1213167 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213167"
},
{
"category": "external",
"summary": "SUSE Bug 1213244 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213244"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1215674"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "important"
}
],
"title": "CVE-2023-3567"
},
{
"cve": "CVE-2023-35824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-35824"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-35824",
"url": "https://www.suse.com/security/cve/CVE-2023-35824"
},
{
"category": "external",
"summary": "SUSE Bug 1212501 for CVE-2023-35824",
"url": "https://bugzilla.suse.com/1212501"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-35824",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-3776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3776"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: cls_fw component can be exploited to achieve local privilege escalation.\n\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.\n\nWe recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3776",
"url": "https://www.suse.com/security/cve/CVE-2023-3776"
},
{
"category": "external",
"summary": "SUSE Bug 1213588 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1213588"
},
{
"category": "external",
"summary": "SUSE Bug 1215119 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1215119"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1215674"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223091 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1223091"
},
{
"category": "external",
"summary": "SUSE Bug 1223973 for CVE-2023-3776",
"url": "https://bugzilla.suse.com/1223973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.144.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.144.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-08-16T10:45:46Z",
"details": "important"
}
],
"title": "CVE-2023-3776"
}
]
}
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.