Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-32269 (GCVE-0-2023-32269)
Vulnerability from cvelistv5 – Published: 2023-05-05 00:00 – Updated: 2025-05-05 15:57
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Severity
6.7 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
},
{
"tags": [
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-32269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:28:30.411517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T15:57:51.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-05T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
},
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-32269",
"datePublished": "2023-05-05T00:00:00.000Z",
"dateReserved": "2023-05-05T00:00:00.000Z",
"dateUpdated": "2025-05-05T15:57:51.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-32269",
"date": "2026-05-27",
"epss": "0.00014",
"percentile": "0.02983"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-32269\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-05-05T17:15:09.623\",\"lastModified\":\"2025-05-05T16:15:40.090\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.1.11\",\"matchCriteriaId\":\"345F000B-5A9F-41D4-831B-E85C394DDAE4\"}]}]}],\"references\":[{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-05-05T00:00:00.000Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.\"}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"version\": \"n/a\", \"status\": \"affected\"}]}], \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64\"}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11\"}], \"problemTypes\": [{\"descriptions\": [{\"type\": \"text\", \"lang\": \"en\", \"description\": \"n/a\"}]}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T15:10:24.330Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-32269\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:28:30.411517Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:05:50.405Z\"}}]}",
"cveMetadata": "{\"state\": \"PUBLISHED\", \"cveId\": \"CVE-2023-32269\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"assignerShortName\": \"mitre\", \"dateUpdated\": \"2025-05-05T15:57:51.746Z\", \"dateReserved\": \"2023-05-05T00:00:00.000Z\", \"datePublished\": \"2023-05-05T00:00:00.000Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0775
Vulnerability from certfr_avis - Published: 2023-09-22 - Updated: 2023-09-22
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 23.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-1076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-4385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4385"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2023-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3777"
},
{
"name": "CVE-2023-20588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20588"
},
{
"name": "CVE-2023-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3995"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2023-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4569"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-32269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
},
{
"name": "CVE-2023-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3220"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2022-48425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48425"
},
{
"name": "CVE-2023-4459",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4459"
},
{
"name": "CVE-2023-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21255"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-4194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4194"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2023-2898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2898"
},
{
"name": "CVE-2023-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3863"
},
{
"name": "CVE-2023-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38428"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-4015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4015"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-4273",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4273"
},
{
"name": "CVE-2023-38426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38426"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21264"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-38429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38429"
}
],
"initial_release_date": "2023-09-22T00:00:00",
"last_revision_date": "2023-09-22T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0775",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6388-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6388-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6387-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6387-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6339-4 du 18 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6339-4"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6384-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6384-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6383-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6383-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6385-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6385-1"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6386-1 du 19 septembre 2023",
"url": "https://ubuntu.com/security/notices/USN-6386-1"
}
]
}
CNVD-2023-48546
Vulnerability from cnvd - Published: 2023-06-14
VLAI
Title
Linux kernel资源管理错误漏洞(CNVD-2023-48546)
Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel 6.1.11之前版本存在资源管理错误漏洞,该漏洞源于net/netrom/af_netrom.c负责释放内存的指令发生混乱。攻击者可利用该漏洞导致程序崩溃,任意代码执行等。
Severity
中
Patch Name
Linux kernel资源管理错误漏洞(CNVD-2023-48546)的补丁
Patch Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel 6.1.11之前版本存在资源管理错误漏洞,该漏洞源于net/netrom/af_netrom.c负责释放内存的指令发生混乱。攻击者可利用该漏洞导致程序崩溃,任意代码执行等。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-32269
Impacted products
| Name | Linux Linux kernel <6.1.11 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-32269",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-32269"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\n\nLinux kernel 6.1.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8enet/netrom/af_netrom.c\u8d1f\u8d23\u91ca\u653e\u5185\u5b58\u7684\u6307\u4ee4\u53d1\u751f\u6df7\u4e71\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4efb\u610f\u4ee3\u7801\u6267\u884c\u7b49\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2023-48546",
"openTime": "2023-06-14",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 6.1.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8enet/netrom/af_netrom.c\u8d1f\u8d23\u91ca\u653e\u5185\u5b58\u7684\u6307\u4ee4\u53d1\u751f\u6df7\u4e71\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4efb\u610f\u4ee3\u7801\u6267\u884c\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2023-48546\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux Linux kernel \u003c6.1.11"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-32269",
"serverity": "\u4e2d",
"submitTime": "2023-05-11",
"title": "Linux kernel\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2023-48546\uff09"
}
FKIE_CVE-2023-32269
Vulnerability from fkie_nvd - Published: 2023-05-05 17:15 - Updated: 2025-05-05 16:15
Severity
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "345F000B-5A9F-41D4-831B-E85C394DDAE4",
"versionEndExcluding": "6.1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
],
"id": "CVE-2023-32269",
"lastModified": "2025-05-05T16:15:40.090",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-05T17:15:09.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-JMV4-PG4W-272Q
Vulnerability from github – Published: 2023-05-05 18:30 – Updated: 2024-04-04 03:49
VLAI
Details
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Severity
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2023-32269"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-05T17:15:09Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"id": "GHSA-jmv4-pg4w-272q",
"modified": "2024-04-04T03:49:53Z",
"published": "2023-05-05T18:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32269"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-32269
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-32269",
"id": "GSD-2023-32269"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-32269"
],
"details": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"id": "GSD-2023-32269",
"modified": "2023-12-13T01:20:24.090233Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-32269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
},
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1.11",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-32269"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11",
"refsource": "MISC",
"tags": [
"Release Notes"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11"
},
{
"name": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64",
"refsource": "MISC",
"tags": [
"Patch"
],
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-05-11T23:04Z",
"publishedDate": "2023-05-05T17:15Z"
}
}
}
MSRC_CVE-2023-32269
Vulnerability from csaf_microsoft - Published: 2023-05-01 00:00 - Updated: 2023-06-03 00:00Summary
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
6.7 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17863-16820 | — | ||
| Unresolved product id: 17884-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-32269 An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-32269.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"tracking": {
"current_release_date": "2023-06-03T00:00:00.000Z",
"generator": {
"date": "2025-12-27T17:07:09.346Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-32269",
"initial_release_date": "2023-05-01T00:00:00.000Z",
"revision_history": [
{
"date": "2023-05-12T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2023-06-03T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 kernel 5.10.181.1-1",
"product": {
"name": "\u003ccm1 kernel 5.10.181.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cm1 kernel 5.10.181.1-1",
"product": {
"name": "cm1 kernel 5.10.181.1-1",
"product_id": "17863"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.112.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.112.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.112.1-1",
"product": {
"name": "cbl2 kernel 5.15.112.1-1",
"product_id": "17884"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 kernel 5.10.181.1-1 as a component of CBL Mariner 1.0",
"product_id": "16820-2"
},
"product_reference": "2",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 kernel 5.10.181.1-1 as a component of CBL Mariner 1.0",
"product_id": "17863-16820"
},
"product_reference": "17863",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.112.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.112.1-1 as a component of CBL Mariner 2.0",
"product_id": "17884-17086"
},
"product_reference": "17884",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32269",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17863-16820",
"17884-17086"
],
"known_affected": [
"16820-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-32269 An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-32269.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-12T00:00:00.000Z",
"details": "5.10.181.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2023-05-12T00:00:00.000Z",
"details": "5.15.112.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 6.7,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-2",
"17086-1"
]
}
],
"title": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However in order for an attacker to exploit this the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
]
}
SUSE-SU-2023:2501-1
Vulnerability from csaf_suse - Published: 2023-06-13 15:39 - Updated: 2023-06-13 15:39Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c (bsc#1210806).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940 bsc#1211260).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).
- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210629).
The following non-security bugs were fixed:
- ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-fixes).
- Documentation: Document sysfs interfaces purr, spurr, idle_purr, idle_spurr (PED-3947 bsc#1210544 ltc#202303).
- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).
- IB/hfi1: Assign npages earlier (git-fixes)
- IB/iser: bound protection_sg size by data_sg size (git-fixes)
- IB/mlx4: Fix memory leaks (git-fixes)
- IB/mlx4: Increase the timeout for CM cache (git-fixes)
- IB/mlx5: Fix initializing CQ fragments buffer (git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
- IB/usnic: Fix potential deadlock (git-fixes)
- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 (git-fixes).
- KVM: x86: Update the exit_qualification access bits while walking an address (git-fixes).
- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (git-fixes).
- KVM: x86: emulator: em_sysexit should update ctxt->mode (git-fixes).
- KVM: x86: emulator: introduce emulator_recalc_and_set_mode (git-fixes).
- KVM: x86: emulator: update the emulation mode after CR0 write (git-fixes).
- KVM: x86: fix empty-body warnings (git-fixes).
- KVM: x86: fix incorrect comparison in trace event (git-fixes).
- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (git-fixes).
- Move upstreamed media fixes into sorted section
- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).
- PCI: Call Max Payload Size-related fixup quirks early (git-fixes).
- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).
- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).
- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (git-fixes).
- PCI: aardvark: Configure PCIe resources from 'ranges' DT property (git-fixes).
- PCI: aardvark: Fix PCIe Max Payload Size setting (git-fixes).
- PCI: aardvark: Fix checking for PIO status (git-fixes).
- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).
- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).
- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
- RDMA/bnxt_re: Restrict the max_gids to 256 (git-fixes)
- RDMA/cma: Do not change route.addr.src_addr.ss_family (git-fixes)
- RDMA/cma: Fix rdma_resolve_route() memory leak (git-fixes)
- RDMA/core: Do not access cm_id after its destruction (git-fixes)
- RDMA/cxgb4: Fix missing error code in create_qp() (git-fixes)
- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)
- RDMA/hns: Bugfix for querying qkey (git-fixes)
- RDMA/i40iw: Fix potential use after free (git-fixes)
- RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' (git-fixes)
- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (git-fixes)
- RDMA/mlx5: Block delay drop to unprivileged users (git-fixes)
- RDMA/rxe: Fix error type of mmap_offset (git-fixes)
- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
- RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- RDS: IB: Fix null pointer issue (git-fixes).
- USB: core: Add routines for endpoint checks in old drivers (git-fixes).
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- USB: sisusbvga: Add endpoint checks (git-fixes).
- Update patch reference for libata fix (bsc#1118212).
- adm8211: fix error return code in adm8211_probe() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (bsc#1129770)
- blacklist.conf: workqueue: Cosmetic change. Not worth backporting (bsc#1211275)
- ceph: force updating the msg pointer in non-split case (bsc#1211801).
- cpuidle/powernv: avoid double irq enable coming out of idle (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: cpuidle set polling before enabling irqs (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: no memory barrier after break from idle (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: read mostly for common globals (PED-3947 bsc#1210544 ltc#202303).
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).
- fbcon: Check font dimension limits (bsc#1154048)
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (bsc#1154048)
- fix kcm_clone() (git-fixes).
- fotg210-udc: Add missing completion handler (git-fixes).
- ip6_tunnel: allow ip6gre dev mtu to be set below 1280 (git-fixes).
- ip6_tunnel: fix IFLA_MTU ignored on NEWLINK (git-fixes).
- ipoib: correcly show a VF hardware address (git-fixes)
- ipv4: ipv4_default_advmss() should use route mtu (git-fixes).
- ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT (git-fixes).
- ipv6: icmp6: Allow icmp messages to be looped back (git-fixes).
- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
- kcm: Check if sk_user_data already set in kcm_attach (git-fixes).
- kvm: mmu: Do not read PDPTEs when paging is not enabled (git-fixes).
- l2tp: remove configurable payload offset (git-fixes).
- l2tp: remove l2specific_len dependency in l2tp_core (git-fixes).
- libata: add horkage for ASMedia 1092 (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: drop multicast fragments (git-fixes).
- mac80211: fix fast-rx encryption check (git-fixes).
- mac80211: pause TX while changing interface type (git-fixes).
- media: radio-shark: Add endpoint checks (git-fixes).
- mlx4: Use snprintf instead of complicated strcpy (git-fixes)
- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).
- net/iucv: Fix size of interrupt data (bsc#1211466).
- net/tcp/illinois: replace broken algorithm reference link (git-fixes).
- net: Extra '_get' in declaration of arch_get_platform_mac_address (git-fixes).
- net: amd: add missing of_node_put() (git-fixes).
- net: arc_emac: fix arc_emac_rx() error paths (git-fixes).
- net: broadcom: fix return type of ndo_start_xmit function (git-fixes).
- net: davinci_emac: match the mdio device against its compatible if possible (git-fixes).
- net: dsa: b53: Add BCM5389 support (git-fixes).
- net: dsa: mt7530: fix module autoloading for OF platform drivers (git-fixes).
- net: dsa: qca8k: Add support for QCA8334 switch (git-fixes).
- net: emac: fix fixed-link setup for the RTL8363SB switch (git-fixes).
- net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value (git-fixes).
- net: faraday: fix return type of ndo_start_xmit function (git-fixes).
- net: hns3: fix return type of ndo_start_xmit function (git-fixes).
- net: ipv6: send NS for DAD when link operationally up (git-fixes).
- net: mediatek: setup proper state for disabled GMAC on the default (git-fixes).
- net: micrel: fix return type of ndo_start_xmit function (git-fixes).
- net: mvneta: fix enable of all initialized RXQs (git-fixes).
- net: propagate dev_get_valid_name return code (git-fixes).
- net: qca_spi: Fix log level if probe fails (git-fixes).
- net: qcom/emac: Use proper free methods during TX (git-fixes).
- net: qla3xxx: Remove overflowing shift statement (git-fixes).
- net: smsc: fix return type of ndo_start_xmit function (git-fixes).
- net: sun: fix return type of ndo_start_xmit function (git-fixes).
- net: toshiba: fix return type of ndo_start_xmit function (git-fixes).
- net: xfrm: allow clearing socket xfrm policies (git-fixes).
- net: xilinx: fix return type of ndo_start_xmit function (git-fixes).
- netfilter: ebtables: convert BUG_ONs to WARN_ONs (git-fixes).
- netfilter: ipt_CLUSTERIP: put config instead of freeing it (git-fixes).
- netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct refcount (git-fixes).
- nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (git-fixes).
- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-fixes).
- nvme-pci: unquiesce admin queue on shutdown (git-fixes).
- nvme-pci: use the same attributes when freeing host_mem_desc_bufs (git-fixes).
- nvme: Fix u32 overflow in the number of namespace list calculation (git-fixes).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails (git-fixes).
- nvme: refine the Qemu Identify CNS quirk (git-fixes).
- nvme: remove the ifdef around nvme_nvm_ioctl (git-fixes).
- platform/x86: alienware-wmi: Adjust instance of wmi_evaluate_method calls to 0 (git-fixes).
- platform/x86: alienware-wmi: constify attribute_group structures (git-fixes).
- platform/x86: alienware-wmi: fix format string overflow warning (git-fixes).
- platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer (git-fixes).
- platform/x86: dell-laptop: fix rfkill functionality.
- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- powerpc/idle: Store PURR snapshot in a per-cpu global variable (PED-3947 bsc#1210544 ltc#202303).
- powerpc/pseries: Account for SPURR ticks on idle CPUs (PED-3947 bsc#1210544 ltc#202303).
- powerpc/rtas: use memmove for potentially overlapping buffer copy (bsc#1065729).
- powerpc/sysfs: Show idle_purr and idle_spurr for every CPU (PED-3947 bsc#1210544 ltc#202303).
- powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).
- powerpc: Move idle_loop_prolog()/epilog() functions to header file (PED-3947 bsc#1210544 ltc#202303).
- powerpc: Squash lines for simple wrapper functions (bsc#1065729).
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path (git-fixes).
- ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus (git-fixes).
- ring-buffer: Sync IRQ works before buffer destruction (git-fixes).
- rxe: IB_WR_REG_MR does not capture MR's iova field (git-fixes)
- s390/dasd: correct numa_node in dasd_alloc_queue (git-fixes bsc#1211362).
- s390/extmem: fix gcc 8 stringop-overflow warning (git-fixes bsc#1211363).
- s390/kasan: fix early pgm check handler execution (git-fixes bsc#1211360).
- s390/pci: fix sleeping in atomic during hotplug (git-fixes bsc#1211364).
- s390/scm_blk: correct numa_node in scm_blk_dev_setup (git-fixes bsc#1211365).
- s390/sysinfo: add missing #ifdef CONFIG_PROC_FS (git-fixes bsc#1211366).
- s390/uaccess: add missing earlyclobber annotations to __clear_user() (LTC#202116 bsc#1209857 git-fixes).
- s390: ctcm: fix ctcm_new_device error return code (git-fixes bsc#1211361).
- scsi: qla2xxx: Declare SCSI host template const (bsc#1211960).
- scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting() (bsc#1211960).
- scsi: qla2xxx: Fix hang in task management (bsc#1211960).
- scsi: qla2xxx: Fix hang in task management (bsc#1211960).
- scsi: qla2xxx: Fix mem access after free (bsc#1211960).
- scsi: qla2xxx: Fix mem access after free (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
- scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).
- scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).
- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).
- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).
- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
- scsi: storvsc: Parameterize number hardware queues (bsc#1211622).
- sctp: avoid flushing unsent queue when doing asoc reset (git-fixes).
- sctp: fix erroneous inc of snmp SctpFragUsrMsgs (git-fixes).
- sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege (git-fixes).
- sctp: make use of pre-calculated len (git-fixes).
- seccomp: Set PF_SUPERPRIV when checking capability (git-fixes bsc#1211816).
- sit: fix IFLA_MTU ignored on NEWLINK (git-fixes).
- stmmac: fix valid numbers of unicast filter entries (git-fixes).
- sunvnet: does not support GSO for sctp (git-fixes).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).
- usb: early: xhci-dbc: Fix a potential out-of-bound memory access (git-fixes).
- wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two's complement (git-fixes).
- wcn36xx: Add ieee80211 rx status rate information (git-fixes).
- wcn36xx: Channel list update before hardware scan (git-fixes).
- wcn36xx: Disable bmps when encryption is disabled (git-fixes).
- wcn36xx: Ensure finish scan is not requested before start scan (git-fixes).
- wcn36xx: Fix TX data path (git-fixes).
- wcn36xx: Fix multiple AMPDU sessions support (git-fixes).
- wcn36xx: Fix software-driven scan (git-fix).
- wcn36xx: Fix warning due to bad rate_idx (git-fixes).
- wcn36xx: Increase number of TX retries (git-fixes).
- wcn36xx: Specify ieee80211_rx_status.nss (git-fixes).
- wcn36xx: Use kmemdup instead of duplicating it in wcn36xx_smd_process_ptt_msg_rsp (git-fixes).
- wcn36xx: Use sequence number allocated by mac80211 (git-fixes).
- wcn36xx: disable HW_CONNECTION_MONITOR (git-fixes).
- wcn36xx: ensure pairing of init_scan/finish_scan and start_scan/end_scan (git-fixes).
- wcn36xx: fix spelling mistake 'to' -> 'too' (git-fixes).
- wcn36xx: fix typo (git-fixes).
- wcn36xx: remove unecessary return (git-fixes).
- wcn36xx: use dma_zalloc_coherent instead of allocator/memset (git-fixes).
- workqueue: Fix hung time report of worker pools (bsc#1211044).
- workqueue: Interrupted create_worker() is not a repeated event (bsc#1211044).
- workqueue: Print backtraces from CPUs with hung CPU bound workqueues (bsc#1211044).
- workqueue: Warn when a new worker could not be created (bsc#1211044).
- workqueue: Warn when a rescuer could not be created (bsc#1211044).
- x86/kvm/vmx: fix old-style function declaration (git-fixes).
- x86/kvm: Do not call kvm_spurious_fault() from .fixup (git-fixes).
- x86: kvm: avoid constant-conversion warning (git-fixes).
- xen/netback: do not do grant copy across page boundary (git-fixes).
- xen/netback: use same error messages for same errors (git-fixes).
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (git-fixes).
Patchnames: SUSE-2023-2501,SUSE-SLE-RT-12-SP5-2023-2501
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
106 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c (bsc#1210806).\n- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).\n- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).\n- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).\n- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).\n- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).\n- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940 bsc#1211260).\n- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).\n- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).\n- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210629).\n\nThe following non-security bugs were fixed:\n\n- ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-fixes).\n- Documentation: Document sysfs interfaces purr, spurr, idle_purr, idle_spurr (PED-3947 bsc#1210544 ltc#202303).\n- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).\n- IB/hfi1: Assign npages earlier (git-fixes)\n- IB/iser: bound protection_sg size by data_sg size (git-fixes)\n- IB/mlx4: Fix memory leaks (git-fixes)\n- IB/mlx4: Increase the timeout for CM cache (git-fixes)\n- IB/mlx5: Fix initializing CQ fragments buffer (git-fixes)\n- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)\n- IB/usnic: Fix potential deadlock (git-fixes)\n- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 (git-fixes).\n- KVM: x86: Update the exit_qualification access bits while walking an address (git-fixes).\n- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (git-fixes).\n- KVM: x86: emulator: em_sysexit should update ctxt-\u003emode (git-fixes).\n- KVM: x86: emulator: introduce emulator_recalc_and_set_mode (git-fixes).\n- KVM: x86: emulator: update the emulation mode after CR0 write (git-fixes).\n- KVM: x86: fix empty-body warnings (git-fixes).\n- KVM: x86: fix incorrect comparison in trace event (git-fixes).\n- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (git-fixes).\n- Move upstreamed media fixes into sorted section\n- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).\n- PCI: Call Max Payload Size-related fixup quirks early (git-fixes).\n- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).\n- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).\n- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (git-fixes).\n- PCI: aardvark: Configure PCIe resources from \u0027ranges\u0027 DT property (git-fixes).\n- PCI: aardvark: Fix PCIe Max Payload Size setting (git-fixes).\n- PCI: aardvark: Fix checking for PIO status (git-fixes).\n- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).\n- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).\n- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).\n- RDMA/bnxt_re: Restrict the max_gids to 256 (git-fixes)\n- RDMA/cma: Do not change route.addr.src_addr.ss_family (git-fixes)\n- RDMA/cma: Fix rdma_resolve_route() memory leak (git-fixes)\n- RDMA/core: Do not access cm_id after its destruction (git-fixes)\n- RDMA/cxgb4: Fix missing error code in create_qp() (git-fixes)\n- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)\n- RDMA/hns: Bugfix for querying qkey (git-fixes)\n- RDMA/i40iw: Fix potential use after free (git-fixes)\n- RDMA/iw_cgxb4: Fix an error handling path in \u0027c4iw_connect()\u0027 (git-fixes)\n- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (git-fixes)\n- RDMA/mlx5: Block delay drop to unprivileged users (git-fixes)\n- RDMA/rxe: Fix error type of mmap_offset (git-fixes)\n- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)\n- RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer (git-fixes)\n- RDMA/usnic: fix set-but-not-unused variable \u0027flags\u0027 warning (git-fixes)\n- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)\n- RDS: IB: Fix null pointer issue (git-fixes).\n- USB: core: Add routines for endpoint checks in old drivers (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- USB: sisusbvga: Add endpoint checks (git-fixes).\n- Update patch reference for libata fix (bsc#1118212).\n- adm8211: fix error return code in adm8211_probe() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (bsc#1129770)\n- blacklist.conf: workqueue: Cosmetic change. Not worth backporting (bsc#1211275)\n- ceph: force updating the msg pointer in non-split case (bsc#1211801).\n- cpuidle/powernv: avoid double irq enable coming out of idle (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: cpuidle set polling before enabling irqs (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: no memory barrier after break from idle (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: read mostly for common globals (PED-3947 bsc#1210544 ltc#202303).\n- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).\n- f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).\n- fbcon: Check font dimension limits (bsc#1154048)\n- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (bsc#1154048)\n- fix kcm_clone() (git-fixes).\n- fotg210-udc: Add missing completion handler (git-fixes).\n- ip6_tunnel: allow ip6gre dev mtu to be set below 1280 (git-fixes).\n- ip6_tunnel: fix IFLA_MTU ignored on NEWLINK (git-fixes).\n- ipoib: correcly show a VF hardware address (git-fixes)\n- ipv4: ipv4_default_advmss() should use route mtu (git-fixes).\n- ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT (git-fixes).\n- ipv6: icmp6: Allow icmp messages to be looped back (git-fixes).\n- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).\n- kcm: Check if sk_user_data already set in kcm_attach (git-fixes).\n- kvm: mmu: Do not read PDPTEs when paging is not enabled (git-fixes).\n- l2tp: remove configurable payload offset (git-fixes).\n- l2tp: remove l2specific_len dependency in l2tp_core (git-fixes).\n- libata: add horkage for ASMedia 1092 (git-fixes).\n- mac80211: choose first enabled channel for monitor (git-fixes).\n- mac80211: drop multicast fragments (git-fixes).\n- mac80211: fix fast-rx encryption check (git-fixes).\n- mac80211: pause TX while changing interface type (git-fixes).\n- media: radio-shark: Add endpoint checks (git-fixes).\n- mlx4: Use snprintf instead of complicated strcpy (git-fixes)\n- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).\n- net/iucv: Fix size of interrupt data (bsc#1211466).\n- net/tcp/illinois: replace broken algorithm reference link (git-fixes).\n- net: Extra \u0027_get\u0027 in declaration of arch_get_platform_mac_address (git-fixes).\n- net: amd: add missing of_node_put() (git-fixes).\n- net: arc_emac: fix arc_emac_rx() error paths (git-fixes).\n- net: broadcom: fix return type of ndo_start_xmit function (git-fixes).\n- net: davinci_emac: match the mdio device against its compatible if possible (git-fixes).\n- net: dsa: b53: Add BCM5389 support (git-fixes).\n- net: dsa: mt7530: fix module autoloading for OF platform drivers (git-fixes).\n- net: dsa: qca8k: Add support for QCA8334 switch (git-fixes).\n- net: emac: fix fixed-link setup for the RTL8363SB switch (git-fixes).\n- net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value (git-fixes).\n- net: faraday: fix return type of ndo_start_xmit function (git-fixes).\n- net: hns3: fix return type of ndo_start_xmit function (git-fixes).\n- net: ipv6: send NS for DAD when link operationally up (git-fixes).\n- net: mediatek: setup proper state for disabled GMAC on the default (git-fixes).\n- net: micrel: fix return type of ndo_start_xmit function (git-fixes).\n- net: mvneta: fix enable of all initialized RXQs (git-fixes).\n- net: propagate dev_get_valid_name return code (git-fixes).\n- net: qca_spi: Fix log level if probe fails (git-fixes).\n- net: qcom/emac: Use proper free methods during TX (git-fixes).\n- net: qla3xxx: Remove overflowing shift statement (git-fixes).\n- net: smsc: fix return type of ndo_start_xmit function (git-fixes).\n- net: sun: fix return type of ndo_start_xmit function (git-fixes).\n- net: toshiba: fix return type of ndo_start_xmit function (git-fixes).\n- net: xfrm: allow clearing socket xfrm policies (git-fixes).\n- net: xilinx: fix return type of ndo_start_xmit function (git-fixes).\n- netfilter: ebtables: convert BUG_ONs to WARN_ONs (git-fixes).\n- netfilter: ipt_CLUSTERIP: put config instead of freeing it (git-fixes).\n- netfilter: ipt_CLUSTERIP: put config struct if we can\u0027t increment ct refcount (git-fixes).\n- nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (git-fixes).\n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-fixes).\n- nvme-pci: unquiesce admin queue on shutdown (git-fixes).\n- nvme-pci: use the same attributes when freeing host_mem_desc_bufs (git-fixes).\n- nvme: Fix u32 overflow in the number of namespace list calculation (git-fixes).\n- nvme: free sq/cq dbbuf pointers when dbbuf set fails (git-fixes).\n- nvme: refine the Qemu Identify CNS quirk (git-fixes).\n- nvme: remove the ifdef around nvme_nvm_ioctl (git-fixes).\n- platform/x86: alienware-wmi: Adjust instance of wmi_evaluate_method calls to 0 (git-fixes).\n- platform/x86: alienware-wmi: constify attribute_group structures (git-fixes).\n- platform/x86: alienware-wmi: fix format string overflow warning (git-fixes).\n- platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer (git-fixes).\n- platform/x86: dell-laptop: fix rfkill functionality.\n- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- powerpc/idle: Store PURR snapshot in a per-cpu global variable (PED-3947 bsc#1210544 ltc#202303).\n- powerpc/pseries: Account for SPURR ticks on idle CPUs (PED-3947 bsc#1210544 ltc#202303).\n- powerpc/rtas: use memmove for potentially overlapping buffer copy (bsc#1065729).\n- powerpc/sysfs: Show idle_purr and idle_spurr for every CPU (PED-3947 bsc#1210544 ltc#202303).\n- powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).\n- powerpc: Move idle_loop_prolog()/epilog() functions to header file (PED-3947 bsc#1210544 ltc#202303).\n- powerpc: Squash lines for simple wrapper functions (bsc#1065729).\n- rds; Reset rs-\u003ers_bound_addr in rds_add_bound() failure path (git-fixes).\n- ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus (git-fixes).\n- ring-buffer: Sync IRQ works before buffer destruction (git-fixes).\n- rxe: IB_WR_REG_MR does not capture MR\u0027s iova field (git-fixes)\n- s390/dasd: correct numa_node in dasd_alloc_queue (git-fixes bsc#1211362).\n- s390/extmem: fix gcc 8 stringop-overflow warning (git-fixes bsc#1211363).\n- s390/kasan: fix early pgm check handler execution (git-fixes bsc#1211360).\n- s390/pci: fix sleeping in atomic during hotplug (git-fixes bsc#1211364).\n- s390/scm_blk: correct numa_node in scm_blk_dev_setup (git-fixes bsc#1211365).\n- s390/sysinfo: add missing #ifdef CONFIG_PROC_FS (git-fixes bsc#1211366).\n- s390/uaccess: add missing earlyclobber annotations to __clear_user() (LTC#202116 bsc#1209857 git-fixes).\n- s390: ctcm: fix ctcm_new_device error return code (git-fixes bsc#1211361).\n- scsi: qla2xxx: Declare SCSI host template const (bsc#1211960).\n- scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting() (bsc#1211960).\n- scsi: qla2xxx: Fix hang in task management (bsc#1211960).\n- scsi: qla2xxx: Fix hang in task management (bsc#1211960).\n- scsi: qla2xxx: Fix mem access after free (bsc#1211960).\n- scsi: qla2xxx: Fix mem access after free (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).\n- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).\n- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).\n- scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).\n- scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).\n- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).\n- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).\n- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).\n- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).\n- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).\n- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).\n- scsi: storvsc: Parameterize number hardware queues (bsc#1211622).\n- sctp: avoid flushing unsent queue when doing asoc reset (git-fixes).\n- sctp: fix erroneous inc of snmp SctpFragUsrMsgs (git-fixes).\n- sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege (git-fixes).\n- sctp: make use of pre-calculated len (git-fixes).\n- seccomp: Set PF_SUPERPRIV when checking capability (git-fixes bsc#1211816).\n- sit: fix IFLA_MTU ignored on NEWLINK (git-fixes).\n- stmmac: fix valid numbers of unicast filter entries (git-fixes).\n- sunvnet: does not support GSO for sctp (git-fixes).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).\n- usb: early: xhci-dbc: Fix a potential out-of-bound memory access (git-fixes).\n- wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two\u0027s complement (git-fixes).\n- wcn36xx: Add ieee80211 rx status rate information (git-fixes).\n- wcn36xx: Channel list update before hardware scan (git-fixes).\n- wcn36xx: Disable bmps when encryption is disabled (git-fixes).\n- wcn36xx: Ensure finish scan is not requested before start scan (git-fixes).\n- wcn36xx: Fix TX data path (git-fixes).\n- wcn36xx: Fix multiple AMPDU sessions support (git-fixes).\n- wcn36xx: Fix software-driven scan (git-fix).\n- wcn36xx: Fix warning due to bad rate_idx (git-fixes).\n- wcn36xx: Increase number of TX retries (git-fixes).\n- wcn36xx: Specify ieee80211_rx_status.nss (git-fixes).\n- wcn36xx: Use kmemdup instead of duplicating it in wcn36xx_smd_process_ptt_msg_rsp (git-fixes).\n- wcn36xx: Use sequence number allocated by mac80211 (git-fixes).\n- wcn36xx: disable HW_CONNECTION_MONITOR (git-fixes).\n- wcn36xx: ensure pairing of init_scan/finish_scan and start_scan/end_scan (git-fixes).\n- wcn36xx: fix spelling mistake \u0027to\u0027 -\u003e \u0027too\u0027 (git-fixes).\n- wcn36xx: fix typo (git-fixes).\n- wcn36xx: remove unecessary return (git-fixes).\n- wcn36xx: use dma_zalloc_coherent instead of allocator/memset (git-fixes).\n- workqueue: Fix hung time report of worker pools (bsc#1211044).\n- workqueue: Interrupted create_worker() is not a repeated event (bsc#1211044).\n- workqueue: Print backtraces from CPUs with hung CPU bound workqueues (bsc#1211044).\n- workqueue: Warn when a new worker could not be created (bsc#1211044).\n- workqueue: Warn when a rescuer could not be created (bsc#1211044).\n- x86/kvm/vmx: fix old-style function declaration (git-fixes).\n- x86/kvm: Do not call kvm_spurious_fault() from .fixup (git-fixes).\n- x86: kvm: avoid constant-conversion warning (git-fixes).\n- xen/netback: do not do grant copy across page boundary (git-fixes).\n- xen/netback: use same error messages for same errors (git-fixes).\n- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2501,SUSE-SLE-RT-12-SP5-2023-2501",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2501-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2501-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232501-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2501-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029843.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1118212",
"url": "https://bugzilla.suse.com/1118212"
},
{
"category": "self",
"summary": "SUSE Bug 1129770",
"url": "https://bugzilla.suse.com/1129770"
},
{
"category": "self",
"summary": "SUSE Bug 1154048",
"url": "https://bugzilla.suse.com/1154048"
},
{
"category": "self",
"summary": "SUSE Bug 1204405",
"url": "https://bugzilla.suse.com/1204405"
},
{
"category": "self",
"summary": "SUSE Bug 1205756",
"url": "https://bugzilla.suse.com/1205756"
},
{
"category": "self",
"summary": "SUSE Bug 1205758",
"url": "https://bugzilla.suse.com/1205758"
},
{
"category": "self",
"summary": "SUSE Bug 1205760",
"url": "https://bugzilla.suse.com/1205760"
},
{
"category": "self",
"summary": "SUSE Bug 1205762",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "self",
"summary": "SUSE Bug 1205803",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1209287",
"url": "https://bugzilla.suse.com/1209287"
},
{
"category": "self",
"summary": "SUSE Bug 1209366",
"url": "https://bugzilla.suse.com/1209366"
},
{
"category": "self",
"summary": "SUSE Bug 1209857",
"url": "https://bugzilla.suse.com/1209857"
},
{
"category": "self",
"summary": "SUSE Bug 1210544",
"url": "https://bugzilla.suse.com/1210544"
},
{
"category": "self",
"summary": "SUSE Bug 1210629",
"url": "https://bugzilla.suse.com/1210629"
},
{
"category": "self",
"summary": "SUSE Bug 1210715",
"url": "https://bugzilla.suse.com/1210715"
},
{
"category": "self",
"summary": "SUSE Bug 1210783",
"url": "https://bugzilla.suse.com/1210783"
},
{
"category": "self",
"summary": "SUSE Bug 1210806",
"url": "https://bugzilla.suse.com/1210806"
},
{
"category": "self",
"summary": "SUSE Bug 1210940",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "self",
"summary": "SUSE Bug 1211037",
"url": "https://bugzilla.suse.com/1211037"
},
{
"category": "self",
"summary": "SUSE Bug 1211044",
"url": "https://bugzilla.suse.com/1211044"
},
{
"category": "self",
"summary": "SUSE Bug 1211105",
"url": "https://bugzilla.suse.com/1211105"
},
{
"category": "self",
"summary": "SUSE Bug 1211186",
"url": "https://bugzilla.suse.com/1211186"
},
{
"category": "self",
"summary": "SUSE Bug 1211275",
"url": "https://bugzilla.suse.com/1211275"
},
{
"category": "self",
"summary": "SUSE Bug 1211360",
"url": "https://bugzilla.suse.com/1211360"
},
{
"category": "self",
"summary": "SUSE Bug 1211361",
"url": "https://bugzilla.suse.com/1211361"
},
{
"category": "self",
"summary": "SUSE Bug 1211362",
"url": "https://bugzilla.suse.com/1211362"
},
{
"category": "self",
"summary": "SUSE Bug 1211363",
"url": "https://bugzilla.suse.com/1211363"
},
{
"category": "self",
"summary": "SUSE Bug 1211364",
"url": "https://bugzilla.suse.com/1211364"
},
{
"category": "self",
"summary": "SUSE Bug 1211365",
"url": "https://bugzilla.suse.com/1211365"
},
{
"category": "self",
"summary": "SUSE Bug 1211366",
"url": "https://bugzilla.suse.com/1211366"
},
{
"category": "self",
"summary": "SUSE Bug 1211466",
"url": "https://bugzilla.suse.com/1211466"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1211622",
"url": "https://bugzilla.suse.com/1211622"
},
{
"category": "self",
"summary": "SUSE Bug 1211801",
"url": "https://bugzilla.suse.com/1211801"
},
{
"category": "self",
"summary": "SUSE Bug 1211816",
"url": "https://bugzilla.suse.com/1211816"
},
{
"category": "self",
"summary": "SUSE Bug 1211960",
"url": "https://bugzilla.suse.com/1211960"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3566 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45884 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45885 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45887 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45919 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2176 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2194 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2483 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2513 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28466 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31084 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31436 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32269/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-06-13T15:39:38Z",
"generator": {
"date": "2023-06-13T15:39:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2501-1",
"initial_release_date": "2023-06-13T15:39:38Z",
"revision_history": [
{
"date": "2023-06-13T15:39:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.127.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.127.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.127.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.127.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.127.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.127.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.127.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.127.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.127.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.127.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.127.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.127.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.127.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.127.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.127.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3566"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3566",
"url": "https://www.suse.com/security/cve/CVE-2022-3566"
},
{
"category": "external",
"summary": "SUSE Bug 1204405 for CVE-2022-3566",
"url": "https://bugzilla.suse.com/1204405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2022-3566"
},
{
"cve": "CVE-2022-45884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45884"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45884",
"url": "https://www.suse.com/security/cve/CVE-2022-45884"
},
{
"category": "external",
"summary": "SUSE Bug 1205756 for CVE-2022-45884",
"url": "https://bugzilla.suse.com/1205756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2022-45884"
},
{
"cve": "CVE-2022-45885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45885"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45885",
"url": "https://www.suse.com/security/cve/CVE-2022-45885"
},
{
"category": "external",
"summary": "SUSE Bug 1205758 for CVE-2022-45885",
"url": "https://bugzilla.suse.com/1205758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2022-45885"
},
{
"cve": "CVE-2022-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45886"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45886",
"url": "https://www.suse.com/security/cve/CVE-2022-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1205760 for CVE-2022-45886",
"url": "https://bugzilla.suse.com/1205760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45887"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45887",
"url": "https://www.suse.com/security/cve/CVE-2022-45887"
},
{
"category": "external",
"summary": "SUSE Bug 1205762 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45919"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45919",
"url": "https://www.suse.com/security/cve/CVE-2022-45919"
},
{
"category": "external",
"summary": "SUSE Bug 1205803 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1208912 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208912"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "important"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-1380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1380"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info-\u003ereq_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1380",
"url": "https://www.suse.com/security/cve/CVE-2023-1380"
},
{
"category": "external",
"summary": "SUSE Bug 1209287 for CVE-2023-1380",
"url": "https://bugzilla.suse.com/1209287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-2176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2176"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2176",
"url": "https://www.suse.com/security/cve/CVE-2023-2176"
},
{
"category": "external",
"summary": "SUSE Bug 1210629 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1210629"
},
{
"category": "external",
"summary": "SUSE Bug 1210630 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1210630"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "important"
}
],
"title": "CVE-2023-2176"
},
{
"cve": "CVE-2023-2194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2194"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability was found in the Linux kernel\u0027s SLIMpro I2C device driver. The userspace \"data-\u003eblock[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2194",
"url": "https://www.suse.com/security/cve/CVE-2023-2194"
},
{
"category": "external",
"summary": "SUSE Bug 1210715 for CVE-2023-2194",
"url": "https://bugzilla.suse.com/1210715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-2269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2269"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2269",
"url": "https://www.suse.com/security/cve/CVE-2023-2269"
},
{
"category": "external",
"summary": "SUSE Bug 1210806 for CVE-2023-2269",
"url": "https://bugzilla.suse.com/1210806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-2483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2483"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2483",
"url": "https://www.suse.com/security/cve/CVE-2023-2483"
},
{
"category": "external",
"summary": "SUSE Bug 1211037 for CVE-2023-2483",
"url": "https://bugzilla.suse.com/1211037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-2483"
},
{
"cve": "CVE-2023-2513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2513"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2513",
"url": "https://www.suse.com/security/cve/CVE-2023-2513"
},
{
"category": "external",
"summary": "SUSE Bug 1211105 for CVE-2023-2513",
"url": "https://bugzilla.suse.com/1211105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-2513"
},
{
"cve": "CVE-2023-28466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28466"
}
],
"notes": [
{
"category": "general",
"text": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28466",
"url": "https://www.suse.com/security/cve/CVE-2023-28466"
},
{
"category": "external",
"summary": "SUSE Bug 1209366 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1209366"
},
{
"category": "external",
"summary": "SUSE Bug 1210452 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1210452"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1211833"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1213841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "important"
}
],
"title": "CVE-2023-28466"
},
{
"cve": "CVE-2023-31084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31084"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026fepriv-\u003esem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026fepriv-\u003esem) may block the process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31084",
"url": "https://www.suse.com/security/cve/CVE-2023-31084"
},
{
"category": "external",
"summary": "SUSE Bug 1210783 for CVE-2023-31084",
"url": "https://bugzilla.suse.com/1210783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-31084"
},
{
"cve": "CVE-2023-31436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31436"
}
],
"notes": [
{
"category": "general",
"text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31436",
"url": "https://www.suse.com/security/cve/CVE-2023-31436"
},
{
"category": "external",
"summary": "SUSE Bug 1210940 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "external",
"summary": "SUSE Bug 1211260 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1211260"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1223091 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1223091"
},
{
"category": "external",
"summary": "SUSE Bug 1224419 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1224419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "important"
}
],
"title": "CVE-2023-31436"
},
{
"cve": "CVE-2023-32269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32269"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32269",
"url": "https://www.suse.com/security/cve/CVE-2023-32269"
},
{
"category": "external",
"summary": "SUSE Bug 1211186 for CVE-2023-32269",
"url": "https://bugzilla.suse.com/1211186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.127.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.127.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.127.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:38Z",
"details": "moderate"
}
],
"title": "CVE-2023-32269"
}
]
}
SUSE-SU-2023:2502-1
Vulnerability from csaf_suse - Published: 2023-06-13 15:39 - Updated: 2023-06-13 15:39Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131).
- CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2020-36694: Fixed an use-after-free issue in netfilter in the packet processing context (bsc#1211596).
- CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device (bsc#1208604).
- CVE-2023-33288: Fixed a use-after-free in bq24190_remove in drivers/power/supply/bq24190_charger.c (bsc#1211590).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940 bsc#1211260).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-32233: Fixed a use-after-free in Netfilter nf_tables when processing batch requests (bsc#1211043).
- CVE-2022-4269: Fixed a flaw was found inside the Traffic Control (TC) subsystem (bsc#1206024).
- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-23586: Fixed a memory information leak in the io_uring subsystem (bsc#1208474).
The following non-security bugs were fixed:
- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).
- SUNRPC: Ensure the transport backchannel association (bsc#1211203).
- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
- s390,dcssblk,dax: Add dax zero_page_range operation to dcssblk driver (bsc#1199636).
Patchnames: SUSE-2023-2502,SUSE-SLE-Module-RT-15-SP3-2023-2502,SUSE-SUSE-MicroOS-5.1-2023-2502,SUSE-SUSE-MicroOS-5.2-2023-2502
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
105 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131).\n- CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).\n- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).\n- CVE-2020-36694: Fixed an use-after-free issue in netfilter in the packet processing context (bsc#1211596).\n- CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device (bsc#1208604).\n- CVE-2023-33288: Fixed a use-after-free in bq24190_remove in drivers/power/supply/bq24190_charger.c (bsc#1211590).\n- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).\n- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).\n- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).\n- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).\n- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940 bsc#1211260).\n- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-32233: Fixed a use-after-free in Netfilter nf_tables when processing batch requests (bsc#1211043).\n- CVE-2022-4269: Fixed a flaw was found inside the Traffic Control (TC) subsystem (bsc#1206024).\n- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).\n- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-23586: Fixed a memory information leak in the io_uring subsystem (bsc#1208474).\n\nThe following non-security bugs were fixed:\n\n- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).\n- SUNRPC: Ensure the transport backchannel association (bsc#1211203).\n- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).\n- s390,dcssblk,dax: Add dax zero_page_range operation to dcssblk driver (bsc#1199636).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2502,SUSE-SLE-Module-RT-15-SP3-2023-2502,SUSE-SUSE-MicroOS-5.1-2023-2502,SUSE-SUSE-MicroOS-5.2-2023-2502",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2502-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2502-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232502-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2502-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029842.html"
},
{
"category": "self",
"summary": "SUSE Bug 1199636",
"url": "https://bugzilla.suse.com/1199636"
},
{
"category": "self",
"summary": "SUSE Bug 1204405",
"url": "https://bugzilla.suse.com/1204405"
},
{
"category": "self",
"summary": "SUSE Bug 1205756",
"url": "https://bugzilla.suse.com/1205756"
},
{
"category": "self",
"summary": "SUSE Bug 1205758",
"url": "https://bugzilla.suse.com/1205758"
},
{
"category": "self",
"summary": "SUSE Bug 1205760",
"url": "https://bugzilla.suse.com/1205760"
},
{
"category": "self",
"summary": "SUSE Bug 1205762",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "self",
"summary": "SUSE Bug 1205803",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "self",
"summary": "SUSE Bug 1206024",
"url": "https://bugzilla.suse.com/1206024"
},
{
"category": "self",
"summary": "SUSE Bug 1208474",
"url": "https://bugzilla.suse.com/1208474"
},
{
"category": "self",
"summary": "SUSE Bug 1208604",
"url": "https://bugzilla.suse.com/1208604"
},
{
"category": "self",
"summary": "SUSE Bug 1209287",
"url": "https://bugzilla.suse.com/1209287"
},
{
"category": "self",
"summary": "SUSE Bug 1209779",
"url": "https://bugzilla.suse.com/1209779"
},
{
"category": "self",
"summary": "SUSE Bug 1210715",
"url": "https://bugzilla.suse.com/1210715"
},
{
"category": "self",
"summary": "SUSE Bug 1210783",
"url": "https://bugzilla.suse.com/1210783"
},
{
"category": "self",
"summary": "SUSE Bug 1210940",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "self",
"summary": "SUSE Bug 1211037",
"url": "https://bugzilla.suse.com/1211037"
},
{
"category": "self",
"summary": "SUSE Bug 1211043",
"url": "https://bugzilla.suse.com/1211043"
},
{
"category": "self",
"summary": "SUSE Bug 1211105",
"url": "https://bugzilla.suse.com/1211105"
},
{
"category": "self",
"summary": "SUSE Bug 1211131",
"url": "https://bugzilla.suse.com/1211131"
},
{
"category": "self",
"summary": "SUSE Bug 1211186",
"url": "https://bugzilla.suse.com/1211186"
},
{
"category": "self",
"summary": "SUSE Bug 1211203",
"url": "https://bugzilla.suse.com/1211203"
},
{
"category": "self",
"summary": "SUSE Bug 1211590",
"url": "https://bugzilla.suse.com/1211590"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1211596",
"url": "https://bugzilla.suse.com/1211596"
},
{
"category": "self",
"summary": "SUSE Bug 1211622",
"url": "https://bugzilla.suse.com/1211622"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36694 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3566 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4269 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45884 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45885 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45887 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45919 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1079 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1637 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2156 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2194 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23586 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2483 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2513 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31084 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31436 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-33288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-33288/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-06-13T15:39:53Z",
"generator": {
"date": "2023-06-13T15:39:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2502-1",
"initial_release_date": "2023-06-13T15:39:53Z",
"revision_history": [
{
"date": "2023-06-13T15:39:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.130.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.130.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.130.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.130.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.130.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.130.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.130.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.130.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.130.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.130.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.130.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP3",
"product": {
"name": "SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-150300.130.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-150300.130.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.130.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.130.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.130.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.130.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36694"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36694",
"url": "https://www.suse.com/security/cve/CVE-2020-36694"
},
{
"category": "external",
"summary": "SUSE Bug 1211596 for CVE-2020-36694",
"url": "https://bugzilla.suse.com/1211596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2020-36694"
},
{
"cve": "CVE-2022-3566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3566"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3566",
"url": "https://www.suse.com/security/cve/CVE-2022-3566"
},
{
"category": "external",
"summary": "SUSE Bug 1204405 for CVE-2022-3566",
"url": "https://bugzilla.suse.com/1204405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-3566"
},
{
"cve": "CVE-2022-4269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4269"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4269",
"url": "https://www.suse.com/security/cve/CVE-2022-4269"
},
{
"category": "external",
"summary": "SUSE Bug 1206024 for CVE-2022-4269",
"url": "https://bugzilla.suse.com/1206024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-4269"
},
{
"cve": "CVE-2022-45884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45884"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45884",
"url": "https://www.suse.com/security/cve/CVE-2022-45884"
},
{
"category": "external",
"summary": "SUSE Bug 1205756 for CVE-2022-45884",
"url": "https://bugzilla.suse.com/1205756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-45884"
},
{
"cve": "CVE-2022-45885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45885"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45885",
"url": "https://www.suse.com/security/cve/CVE-2022-45885"
},
{
"category": "external",
"summary": "SUSE Bug 1205758 for CVE-2022-45885",
"url": "https://bugzilla.suse.com/1205758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-45885"
},
{
"cve": "CVE-2022-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45886"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45886",
"url": "https://www.suse.com/security/cve/CVE-2022-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1205760 for CVE-2022-45886",
"url": "https://bugzilla.suse.com/1205760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45887"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45887",
"url": "https://www.suse.com/security/cve/CVE-2022-45887"
},
{
"category": "external",
"summary": "SUSE Bug 1205762 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45919"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45919",
"url": "https://www.suse.com/security/cve/CVE-2022-45919"
},
{
"category": "external",
"summary": "SUSE Bug 1205803 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1208912 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208912"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "important"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-1079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1079"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1079",
"url": "https://www.suse.com/security/cve/CVE-2023-1079"
},
{
"category": "external",
"summary": "SUSE Bug 1208604 for CVE-2023-1079",
"url": "https://bugzilla.suse.com/1208604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-1079"
},
{
"cve": "CVE-2023-1380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1380"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info-\u003ereq_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1380",
"url": "https://www.suse.com/security/cve/CVE-2023-1380"
},
{
"category": "external",
"summary": "SUSE Bug 1209287 for CVE-2023-1380",
"url": "https://bugzilla.suse.com/1209287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-1637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1637"
}
],
"notes": [
{
"category": "general",
"text": "A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1637",
"url": "https://www.suse.com/security/cve/CVE-2023-1637"
},
{
"category": "external",
"summary": "SUSE Bug 1209779 for CVE-2023-1637",
"url": "https://bugzilla.suse.com/1209779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-1637"
},
{
"cve": "CVE-2023-2156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2156"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2156",
"url": "https://www.suse.com/security/cve/CVE-2023-2156"
},
{
"category": "external",
"summary": "SUSE Bug 1211131 for CVE-2023-2156",
"url": "https://bugzilla.suse.com/1211131"
},
{
"category": "external",
"summary": "SUSE Bug 1211395 for CVE-2023-2156",
"url": "https://bugzilla.suse.com/1211395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "important"
}
],
"title": "CVE-2023-2156"
},
{
"cve": "CVE-2023-2194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2194"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability was found in the Linux kernel\u0027s SLIMpro I2C device driver. The userspace \"data-\u003eblock[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2194",
"url": "https://www.suse.com/security/cve/CVE-2023-2194"
},
{
"category": "external",
"summary": "SUSE Bug 1210715 for CVE-2023-2194",
"url": "https://bugzilla.suse.com/1210715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-23586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23586"
}
],
"notes": [
{
"category": "general",
"text": "Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not consider io_uring\u0027s io_worker threads, thus it is possible to insert a time namespace\u0027s vvar page to process\u0027s memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the process\u0027 memory, and a next page allocated by the kernel will be still available from the user-space process and can leak memory contents via this (read-only) use-after-free vulnerability. We recommend upgrading past version 5.10.161 or commit 788d0824269bef539fe31a785b1517882eafed93 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring \n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23586",
"url": "https://www.suse.com/security/cve/CVE-2023-23586"
},
{
"category": "external",
"summary": "SUSE Bug 1208474 for CVE-2023-23586",
"url": "https://bugzilla.suse.com/1208474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-23586"
},
{
"cve": "CVE-2023-2483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2483"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2483",
"url": "https://www.suse.com/security/cve/CVE-2023-2483"
},
{
"category": "external",
"summary": "SUSE Bug 1211037 for CVE-2023-2483",
"url": "https://bugzilla.suse.com/1211037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-2483"
},
{
"cve": "CVE-2023-2513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2513"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2513",
"url": "https://www.suse.com/security/cve/CVE-2023-2513"
},
{
"category": "external",
"summary": "SUSE Bug 1211105 for CVE-2023-2513",
"url": "https://bugzilla.suse.com/1211105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-2513"
},
{
"cve": "CVE-2023-31084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31084"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026fepriv-\u003esem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026fepriv-\u003esem) may block the process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31084",
"url": "https://www.suse.com/security/cve/CVE-2023-31084"
},
{
"category": "external",
"summary": "SUSE Bug 1210783 for CVE-2023-31084",
"url": "https://bugzilla.suse.com/1210783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-31084"
},
{
"cve": "CVE-2023-31436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31436"
}
],
"notes": [
{
"category": "general",
"text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31436",
"url": "https://www.suse.com/security/cve/CVE-2023-31436"
},
{
"category": "external",
"summary": "SUSE Bug 1210940 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "external",
"summary": "SUSE Bug 1211260 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1211260"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1223091 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1223091"
},
{
"category": "external",
"summary": "SUSE Bug 1224419 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1224419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "important"
}
],
"title": "CVE-2023-31436"
},
{
"cve": "CVE-2023-32233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32233"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32233",
"url": "https://www.suse.com/security/cve/CVE-2023-32233"
},
{
"category": "external",
"summary": "SUSE Bug 1211043 for CVE-2023-32233",
"url": "https://bugzilla.suse.com/1211043"
},
{
"category": "external",
"summary": "SUSE Bug 1211187 for CVE-2023-32233",
"url": "https://bugzilla.suse.com/1211187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "important"
}
],
"title": "CVE-2023-32233"
},
{
"cve": "CVE-2023-32269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32269"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32269",
"url": "https://www.suse.com/security/cve/CVE-2023-32269"
},
{
"category": "external",
"summary": "SUSE Bug 1211186 for CVE-2023-32269",
"url": "https://bugzilla.suse.com/1211186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-32269"
},
{
"cve": "CVE-2023-33288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-33288"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-33288",
"url": "https://www.suse.com/security/cve/CVE-2023-33288"
},
{
"category": "external",
"summary": "SUSE Bug 1211590 for CVE-2023-33288",
"url": "https://bugzilla.suse.com/1211590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.130.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.130.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.130.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-13T15:39:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-33288"
}
]
}
SUSE-SU-2023:2506-1
Vulnerability from csaf_suse - Published: 2023-06-14 07:24 - Updated: 2023-06-14 07:24Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT
Patchnames: SUSE-2023-2506,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2023-2506
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.6 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.4 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
103 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).\n- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).\n- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).\n\nThe following non-security bugs were fixed:\n\n- Do not sign the vanilla kernel (bsc#1209008).\n- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2506,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2023-2506",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2506-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2506-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232506-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2506-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029875.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108488",
"url": "https://bugzilla.suse.com/1108488"
},
{
"category": "self",
"summary": "SUSE Bug 1204414",
"url": "https://bugzilla.suse.com/1204414"
},
{
"category": "self",
"summary": "SUSE Bug 1207036",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "self",
"summary": "SUSE Bug 1207051",
"url": "https://bugzilla.suse.com/1207051"
},
{
"category": "self",
"summary": "SUSE Bug 1207125",
"url": "https://bugzilla.suse.com/1207125"
},
{
"category": "self",
"summary": "SUSE Bug 1207795",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "self",
"summary": "SUSE Bug 1208837",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "self",
"summary": "SUSE Bug 1209008",
"url": "https://bugzilla.suse.com/1209008"
},
{
"category": "self",
"summary": "SUSE Bug 1209256",
"url": "https://bugzilla.suse.com/1209256"
},
{
"category": "self",
"summary": "SUSE Bug 1209291",
"url": "https://bugzilla.suse.com/1209291"
},
{
"category": "self",
"summary": "SUSE Bug 1209532",
"url": "https://bugzilla.suse.com/1209532"
},
{
"category": "self",
"summary": "SUSE Bug 1209871",
"url": "https://bugzilla.suse.com/1209871"
},
{
"category": "self",
"summary": "SUSE Bug 1210336",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "self",
"summary": "SUSE Bug 1210647",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "self",
"summary": "SUSE Bug 1211186",
"url": "https://bugzilla.suse.com/1211186"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5753 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9517 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3567 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1513 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1989 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2162 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23455 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28328 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32269/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-06-14T07:24:44Z",
"generator": {
"date": "2023-06-14T07:24:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2506-1",
"initial_release_date": "2023-06-14T07:24:44Z",
"revision_history": [
{
"date": "2023-06-14T07:24:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-debug-3.0.101-108.141.1.i586",
"product_id": "kernel-debug-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-debug-base-3.0.101-108.141.1.i586",
"product_id": "kernel-debug-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-debug-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-debug-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-debug-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-debug-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-debug-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.141.1.i586",
"product_id": "kernel-default-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.141.1.i586",
"product_id": "kernel-default-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-default-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-default-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-default-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-default-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.141.1.i586",
"product_id": "kernel-ec2-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.141.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-ec2-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-ec2-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.141.1.i586",
"product_id": "kernel-pae-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.141.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-pae-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-pae-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-pae-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-pae-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.141.1.i586",
"product_id": "kernel-source-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.i586",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.141.1.i586",
"product_id": "kernel-syms-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.141.1.i586",
"product_id": "kernel-trace-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.141.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-trace-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-trace-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-trace-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-vanilla-3.0.101-108.141.1.i586",
"product_id": "kernel-vanilla-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.141.1.i586",
"product_id": "kernel-vanilla-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-vanilla-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-vanilla-hmac-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.141.1.i586",
"product_id": "kernel-xen-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.141.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.141.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-xen-extra-3.0.101-108.141.1.i586",
"product_id": "kernel-xen-extra-3.0.101-108.141.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.141.1.i586",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.141.1.i586",
"product_id": "kernel-xen-hmac-3.0.101-108.141.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.ia64",
"product": {
"name": "kernel-source-3.0.101-108.141.1.ia64",
"product_id": "kernel-source-3.0.101-108.141.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.ia64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.ia64",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-108.141.1.noarch",
"product": {
"name": "kernel-docs-3.0.101-108.141.1.noarch",
"product_id": "kernel-docs-3.0.101-108.141.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.ppc",
"product": {
"name": "kernel-source-3.0.101-108.141.1.ppc",
"product_id": "kernel-source-3.0.101-108.141.1.ppc"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.ppc",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.ppc",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.ppc"
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.141.1.ppc64",
"product_id": "kernel-source-3.0.101-108.141.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.ppc64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.ppc64",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.s390",
"product": {
"name": "kernel-source-3.0.101-108.141.1.s390",
"product_id": "kernel-source-3.0.101-108.141.1.s390"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.s390",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.s390",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.141.1.s390x",
"product_id": "kernel-source-3.0.101-108.141.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.s390x",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.s390x",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-debug-3.0.101-108.141.1.x86_64",
"product_id": "kernel-debug-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-debug-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-debug-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-debug-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-debug-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-debug-extra-3.0.101-108.141.1.x86_64",
"product_id": "kernel-debug-extra-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-debug-hmac-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.141.1.x86_64",
"product_id": "kernel-default-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-default-extra-3.0.101-108.141.1.x86_64",
"product_id": "kernel-default-extra-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-default-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-default-hmac-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.141.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.141.1.x86_64",
"product_id": "kernel-ec2-extra-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-ec2-hmac-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.141.1.x86_64",
"product_id": "kernel-source-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.141.1.x86_64",
"product_id": "kernel-source-vanilla-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.141.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.141.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-trace-extra-3.0.101-108.141.1.x86_64",
"product_id": "kernel-trace-extra-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-trace-hmac-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-vanilla-3.0.101-108.141.1.x86_64",
"product_id": "kernel-vanilla-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-vanilla-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-vanilla-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-vanilla-hmac-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.141.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.141.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.141.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-xen-extra-3.0.101-108.141.1.x86_64",
"product_id": "kernel-xen-extra-3.0.101-108.141.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.141.1.x86_64",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.141.1.x86_64",
"product_id": "kernel-xen-hmac-3.0.101-108.141.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.141.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.141.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5753"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5753",
"url": "https://www.suse.com/security/cve/CVE-2017-5753"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1075748 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087084 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1209547 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1209547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2018-9517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9517"
}
],
"notes": [
{
"category": "general",
"text": "In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9517",
"url": "https://www.suse.com/security/cve/CVE-2018-9517"
},
{
"category": "external",
"summary": "SUSE Bug 1108488 for CVE-2018-9517",
"url": "https://bugzilla.suse.com/1108488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "low"
}
],
"title": "CVE-2018-9517"
},
{
"cve": "CVE-2022-3567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3567"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3567",
"url": "https://www.suse.com/security/cve/CVE-2022-3567"
},
{
"category": "external",
"summary": "SUSE Bug 1204414 for CVE-2022-3567",
"url": "https://bugzilla.suse.com/1204414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-3567"
},
{
"cve": "CVE-2023-0590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0590"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0590",
"url": "https://www.suse.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207795 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207795"
},
{
"category": "external",
"summary": "SUSE Bug 1207822 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1207822"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-0590",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-0590"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
},
{
"cve": "CVE-2023-1513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1513"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1513",
"url": "https://www.suse.com/security/cve/CVE-2023-1513"
},
{
"category": "external",
"summary": "SUSE Bug 1209532 for CVE-2023-1513",
"url": "https://bugzilla.suse.com/1209532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "low"
}
],
"title": "CVE-2023-1513"
},
{
"cve": "CVE-2023-1670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1670"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1670",
"url": "https://www.suse.com/security/cve/CVE-2023-1670"
},
{
"category": "external",
"summary": "SUSE Bug 1209871 for CVE-2023-1670",
"url": "https://bugzilla.suse.com/1209871"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-1670",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2023-1670"
},
{
"cve": "CVE-2023-1989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1989"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1989",
"url": "https://www.suse.com/security/cve/CVE-2023-1989"
},
{
"category": "external",
"summary": "SUSE Bug 1210336 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "external",
"summary": "SUSE Bug 1210500 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210500"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-1989"
},
{
"cve": "CVE-2023-2162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2162"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2162",
"url": "https://www.suse.com/security/cve/CVE-2023-2162"
},
{
"category": "external",
"summary": "SUSE Bug 1210647 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "external",
"summary": "SUSE Bug 1210662 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210662"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-2162"
},
{
"cve": "CVE-2023-23454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23454"
}
],
"notes": [
{
"category": "general",
"text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23454",
"url": "https://www.suse.com/security/cve/CVE-2023-23454"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207188 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1207188"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-23454",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-23454"
},
{
"cve": "CVE-2023-23455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23455"
}
],
"notes": [
{
"category": "general",
"text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23455",
"url": "https://www.suse.com/security/cve/CVE-2023-23455"
},
{
"category": "external",
"summary": "SUSE Bug 1207036 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207036"
},
{
"category": "external",
"summary": "SUSE Bug 1207125 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207125"
},
{
"category": "external",
"summary": "SUSE Bug 1207189 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1207189"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-23455",
"url": "https://bugzilla.suse.com/1211833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "important"
}
],
"title": "CVE-2023-23455"
},
{
"cve": "CVE-2023-23559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23559"
}
],
"notes": [
{
"category": "general",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23559",
"url": "https://www.suse.com/security/cve/CVE-2023-23559"
},
{
"category": "external",
"summary": "SUSE Bug 1207051 for CVE-2023-23559",
"url": "https://bugzilla.suse.com/1207051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-28328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28328"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28328",
"url": "https://www.suse.com/security/cve/CVE-2023-28328"
},
{
"category": "external",
"summary": "SUSE Bug 1209291 for CVE-2023-28328",
"url": "https://bugzilla.suse.com/1209291"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-28328",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2023-28328"
},
{
"cve": "CVE-2023-32269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32269"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32269",
"url": "https://www.suse.com/security/cve/CVE-2023-32269"
},
{
"category": "external",
"summary": "SUSE Bug 1211186 for CVE-2023-32269",
"url": "https://bugzilla.suse.com/1211186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.141.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.141.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2023-32269"
}
]
}
SUSE-SU-2023:2507-1
Vulnerability from csaf_suse - Published: 2023-06-14 07:24 - Updated: 2023-06-14 07:24Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c (bsc#1210806).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).
- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
- CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210629).
The following non-security bugs were fixed:
- ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-fixes).
- Documentation: Document sysfs interfaces purr, spurr, idle_purr, idle_spurr (PED-3947 bsc#1210544 ltc#202303).
- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).
- Fix usrmerge error (boo#1211796)
- IB/hfi1: Assign npages earlier (git-fixes)
- IB/iser: bound protection_sg size by data_sg size (git-fixes)
- IB/mlx4: Fix memory leaks (git-fixes)
- IB/mlx4: Increase the timeout for CM cache (git-fixes)
- IB/mlx5: Fix initializing CQ fragments buffer (git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
- IB/usnic: Fix potential deadlock (git-fixes)
- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 (git-fixes).
- KVM: x86: Update the exit_qualification access bits while walking an address (git-fixes).
- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (git-fixes).
- KVM: x86: emulator: em_sysexit should update ctxt->mode (git-fixes).
- KVM: x86: emulator: introduce emulator_recalc_and_set_mode (git-fixes).
- KVM: x86: emulator: update the emulation mode after CR0 write (git-fixes).
- KVM: x86: fix empty-body warnings (git-fixes).
- KVM: x86: fix incorrect comparison in trace event (git-fixes).
- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (git-fixes).
- Move upstreamed media fixes into sorted section
- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).
- PCI: Call Max Payload Size-related fixup quirks early (git-fixes).
- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).
- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).
- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (git-fixes).
- PCI: aardvark: Configure PCIe resources from 'ranges' DT property (git-fixes).
- PCI: aardvark: Fix PCIe Max Payload Size setting (git-fixes).
- PCI: aardvark: Fix checking for PIO status (git-fixes).
- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).
- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).
- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
- RDMA/bnxt_re: Restrict the max_gids to 256 (git-fixes)
- RDMA/cma: Do not change route.addr.src_addr.ss_family (git-fixes)
- RDMA/cma: Fix rdma_resolve_route() memory leak (git-fixes)
- RDMA/core: Do not access cm_id after its destruction (git-fixes)
- RDMA/cxgb4: Fix missing error code in create_qp() (git-fixes)
- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)
- RDMA/hns: Bugfix for querying qkey (git-fixes)
- RDMA/i40iw: Fix potential use after free (git-fixes)
- RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' (git-fixes)
- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (git-fixes)
- RDMA/mlx5: Block delay drop to unprivileged users (git-fixes)
- RDMA/rxe: Fix error type of mmap_offset (git-fixes)
- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
- RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- RDS: IB: Fix null pointer issue (git-fixes).
- USB: core: Add routines for endpoint checks in old drivers (git-fixes).
- USB: sisusbvga: Add endpoint checks (git-fixes).
- Update patch reference for libata fix (bsc#1118212).
- adm8211: fix error return code in adm8211_probe() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (bsc#1129770)
- blacklist.conf: workqueue: Cosmetic change. Not worth backporting (bsc#1211275)
- bonding: show full hw address in sysfs for slave entries (git-fixes).
- ceph: force updating the msg pointer in non-split case (bsc#1211801).
- cpuidle/powernv: avoid double irq enable coming out of idle (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: cpuidle set polling before enabling irqs (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: no memory barrier after break from idle (PED-3947 bsc#1210544 ltc#202303).
- cpuidle: powerpc: read mostly for common globals (PED-3947 bsc#1210544 ltc#202303).
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).
- fbcon: Check font dimension limits (bsc#1154048)
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (bsc#1154048)
- fix kcm_clone() (git-fixes).
- fotg210-udc: Add missing completion handler (git-fixes).
- ip6_tunnel: allow ip6gre dev mtu to be set below 1280 (git-fixes).
- ip6_tunnel: fix IFLA_MTU ignored on NEWLINK (git-fixes).
- ipoib: correcly show a VF hardware address (git-fixes)
- ipv4: ipv4_default_advmss() should use route mtu (git-fixes).
- ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT (git-fixes).
- ipv6: icmp6: Allow icmp messages to be looped back (git-fixes).
- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
- kcm: Check if sk_user_data already set in kcm_attach (git-fixes).
- kernel-binary: install expoline.o (boo#1210791 bsc#1211089)
- kernel-source: Remove unused macro variant_symbols
- kernel-spec-macros: Fix up obsolete_rebuilds_subpackage to generate obsoletes correctly (boo#1172073 bsc#1191731).
- kvm: mmu: Do not read PDPTEs when paging is not enabled (git-fixes).
- l2tp: remove configurable payload offset (git-fixes).
- l2tp: remove l2specific_len dependency in l2tp_core (git-fixes).
- libata: add horkage for ASMedia 1092 (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: drop multicast fragments (git-fixes).
- mac80211: fix fast-rx encryption check (git-fixes).
- mac80211: pause TX while changing interface type (git-fixes).
- media: radio-shark: Add endpoint checks (git-fixes).
- mlx4: Use snprintf instead of complicated strcpy (git-fixes)
- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).
- net/iucv: Fix size of interrupt data (bsc#1211466).
- net/mlx4_core: Fix return codes of unsupported operations (git-fixes).
- net/tcp/illinois: replace broken algorithm reference link (git-fixes).
- net: Extra '_get' in declaration of arch_get_platform_mac_address (git-fixes).
- net: altera_tse: fix connect_local_phy error path (git-fixes).
- net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case (git-fixes).
- net: amd: add missing of_node_put() (git-fixes).
- net: arc_emac: fix arc_emac_rx() error paths (git-fixes).
- net: broadcom: fix return type of ndo_start_xmit function (git-fixes).
- net: davinci_emac: match the mdio device against its compatible if possible (git-fixes).
- net: dsa: b53: Add BCM5389 support (git-fixes).
- net: dsa: bcm_sf2: Turn on PHY to allow successful registration (git-fixes).
- net: dsa: mt7530: fix module autoloading for OF platform drivers (git-fixes).
- net: dsa: qca8k: Add support for QCA8334 switch (git-fixes).
- net: emac: fix fixed-link setup for the RTL8363SB switch (git-fixes).
- net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value (git-fixes).
- net: faraday: fix return type of ndo_start_xmit function (git-fixes).
- net: hisilicon: remove unexpected free_netdev (git-fixes).
- net: hns3: fix return type of ndo_start_xmit function (git-fixes).
- net: hns: Fix wrong read accesses via Clause 45 MDIO protocol (git-fixes).
- net: ibm: fix possible object reference leak (git-fixes).
- net: ipv6: send NS for DAD when link operationally up (git-fixes).
- net: mediatek: setup proper state for disabled GMAC on the default (git-fixes).
- net: micrel: fix return type of ndo_start_xmit function (git-fixes).
- net: mvneta: fix enable of all initialized RXQs (git-fixes).
- net: netxen: fix a missing check and an uninitialized use (git-fixes).
- net: propagate dev_get_valid_name return code (git-fixes).
- net: qca_spi: Fix log level if probe fails (git-fixes).
- net: qcom/emac: Use proper free methods during TX (git-fixes).
- net: qla3xxx: Remove overflowing shift statement (git-fixes).
- net: smsc: fix return type of ndo_start_xmit function (git-fixes).
- net: stmmac: do not log oversized frames (git-fixes).
- net: stmmac: fix dropping of multi-descriptor RX frames (git-fixes).
- net: sun: fix return type of ndo_start_xmit function (git-fixes).
- net: toshiba: fix return type of ndo_start_xmit function (git-fixes).
- net: xfrm: allow clearing socket xfrm policies (git-fixes).
- net: xilinx: fix return type of ndo_start_xmit function (git-fixes).
- netfilter: ebtables: convert BUG_ONs to WARN_ONs (git-fixes).
- netfilter: ipt_CLUSTERIP: put config instead of freeing it (git-fixes).
- netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct refcount (git-fixes).
- nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (git-fixes).
- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-fixes).
- nvme-pci: unquiesce admin queue on shutdown (git-fixes).
- nvme-pci: use the same attributes when freeing host_mem_desc_bufs (git-fixes).
- nvme: Fix u32 overflow in the number of namespace list calculation (git-fixes).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails (git-fixes).
- nvme: refine the Qemu Identify CNS quirk (git-fixes).
- nvme: remove the ifdef around nvme_nvm_ioctl (git-fixes).
- platform/x86: alienware-wmi: Adjust instance of wmi_evaluate_method calls to 0 (git-fixes).
- platform/x86: alienware-wmi: constify attribute_group structures (git-fixes).
- platform/x86: alienware-wmi: fix format string overflow warning (git-fixes).
- platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer (git-fixes).
- platform/x86: dell-laptop: fix rfkill functionality.
- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- powerpc/idle: Store PURR snapshot in a per-cpu global variable (PED-3947 bsc#1210544 ltc#202303).
- powerpc/pseries: Account for SPURR ticks on idle CPUs (PED-3947 bsc#1210544 ltc#202303).
- powerpc/rtas: use memmove for potentially overlapping buffer copy (bsc#1065729).
- powerpc/sysfs: Show idle_purr and idle_spurr for every CPU (PED-3947 bsc#1210544 ltc#202303).
- powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).
- powerpc: Move idle_loop_prolog()/epilog() functions to header file (PED-3947 bsc#1210544 ltc#202303).
- powerpc: Squash lines for simple wrapper functions (bsc#1065729).
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path (git-fixes).
- ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus (git-fixes).
- ring-buffer: Sync IRQ works before buffer destruction (git-fixes).
- rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB
- rpm/kernel-binary.spec.in: Fix missing kernel-preempt-devel and KMP Provides (bsc#1199046)
- rxe: IB_WR_REG_MR does not capture MR's iova field (git-fixes)
- s390/dasd: correct numa_node in dasd_alloc_queue (git-fixes bsc#1211362).
- s390/extmem: fix gcc 8 stringop-overflow warning (git-fixes bsc#1211363).
- s390/kasan: fix early pgm check handler execution (git-fixes bsc#1211360).
- s390/pci: fix sleeping in atomic during hotplug (git-fixes bsc#1211364).
- s390/scm_blk: correct numa_node in scm_blk_dev_setup (git-fixes bsc#1211365).
- s390/sysinfo: add missing #ifdef CONFIG_PROC_FS (git-fixes bsc#1211366).
- s390/uaccess: add missing earlyclobber annotations to __clear_user() (LTC#202116 bsc#1209857 git-fixes).
- s390: ctcm: fix ctcm_new_device error return code (git-fixes bsc#1211361).
- scsi: qla2xxx: Declare SCSI host template const (bsc#1211960).
- scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting() (bsc#1211960).
- scsi: qla2xxx: Fix hang in task management (bsc#1211960).
- scsi: qla2xxx: Fix hang in task management (bsc#1211960).
- scsi: qla2xxx: Fix mem access after free (bsc#1211960).
- scsi: qla2xxx: Fix mem access after free (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
- scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).
- scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).
- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).
- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).
- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
- scsi: storvsc: Parameterize number hardware queues (bsc#1211622).
- sctp: avoid flushing unsent queue when doing asoc reset (git-fixes).
- sctp: fix erroneous inc of snmp SctpFragUsrMsgs (git-fixes).
- sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege (git-fixes).
- sctp: make use of pre-calculated len (git-fixes).
- seccomp: Set PF_SUPERPRIV when checking capability (git-fixes bsc#1211816).
- sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe (git-fixes).
- sit: fix IFLA_MTU ignored on NEWLINK (git-fixes).
- stmmac: fix valid numbers of unicast filter entries (git-fixes).
- sunvnet: does not support GSO for sctp (git-fixes).
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).
- usb: early: xhci-dbc: Fix a potential out-of-bound memory access (git-fixes).
- usrmerge: Compatibility with earlier rpm (boo#1211796)
- usrmerge: Remove usrmerge compatibility symlink in buildroot (boo#1211796).
- vrf: mark skb for multicast or link-local as enslaved to VRF (git-fixes).
- wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two's complement (git-fixes).
- wcn36xx: Add ieee80211 rx status rate information (git-fixes).
- wcn36xx: Channel list update before hardware scan (git-fixes).
- wcn36xx: Disable bmps when encryption is disabled (git-fixes).
- wcn36xx: Ensure finish scan is not requested before start scan (git-fixes).
- wcn36xx: Fix TX data path (git-fixes).
- wcn36xx: Fix multiple AMPDU sessions support (git-fixes).
- wcn36xx: Fix software-driven scan (git-fix).
- wcn36xx: Fix warning due to bad rate_idx (git-fixes).
- wcn36xx: Increase number of TX retries (git-fixes).
- wcn36xx: Specify ieee80211_rx_status.nss (git-fixes).
- wcn36xx: Use kmemdup instead of duplicating it in wcn36xx_smd_process_ptt_msg_rsp (git-fixes).
- wcn36xx: Use sequence number allocated by mac80211 (git-fixes).
- wcn36xx: disable HW_CONNECTION_MONITOR (git-fixes).
- wcn36xx: ensure pairing of init_scan/finish_scan and start_scan/end_scan (git-fixes).
- wcn36xx: fix spelling mistake 'to' -> 'too' (git-fixes).
- wcn36xx: fix typo (git-fixes).
- wcn36xx: remove unecessary return (git-fixes).
- wcn36xx: use dma_zalloc_coherent instead of allocator/memset (git-fixes).
- workqueue: Fix hung time report of worker pools (bsc#1211044).
- workqueue: Interrupted create_worker() is not a repeated event (bsc#1211044).
- workqueue: Print backtraces from CPUs with hung CPU bound workqueues (bsc#1211044).
- workqueue: Warn when a new worker could not be created (bsc#1211044).
- workqueue: Warn when a rescuer could not be created (bsc#1211044).
- x86/kvm/vmx: fix old-style function declaration (git-fixes).
- x86/kvm: Do not call kvm_spurious_fault() from .fixup (git-fixes).
- x86: kvm: avoid constant-conversion warning (git-fixes).
- xen/netback: do not do grant copy across page boundary (git-fixes).
- xen/netback: use same error messages for same errors (git-fixes).
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (git-fixes).
Patchnames: SUSE-2023-2507,SUSE-SLE-SERVER-12-SP5-2023-2507
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.7 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
108 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c (bsc#1210806).\n- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).\n- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).\n- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).\n- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).\n- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).\n- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).\n- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).\n- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).\n- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).\n- CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210629).\n\n\nThe following non-security bugs were fixed:\n\n- ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-fixes).\n- Documentation: Document sysfs interfaces purr, spurr, idle_purr, idle_spurr (PED-3947 bsc#1210544 ltc#202303).\n- Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).\n- Fix usrmerge error (boo#1211796)\n- IB/hfi1: Assign npages earlier (git-fixes)\n- IB/iser: bound protection_sg size by data_sg size (git-fixes)\n- IB/mlx4: Fix memory leaks (git-fixes)\n- IB/mlx4: Increase the timeout for CM cache (git-fixes)\n- IB/mlx5: Fix initializing CQ fragments buffer (git-fixes)\n- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)\n- IB/usnic: Fix potential deadlock (git-fixes)\n- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 (git-fixes).\n- KVM: x86: Update the exit_qualification access bits while walking an address (git-fixes).\n- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (git-fixes).\n- KVM: x86: emulator: em_sysexit should update ctxt-\u003emode (git-fixes).\n- KVM: x86: emulator: introduce emulator_recalc_and_set_mode (git-fixes).\n- KVM: x86: emulator: update the emulation mode after CR0 write (git-fixes).\n- KVM: x86: fix empty-body warnings (git-fixes).\n- KVM: x86: fix incorrect comparison in trace event (git-fixes).\n- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (git-fixes).\n- Move upstreamed media fixes into sorted section\n- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).\n- PCI: Call Max Payload Size-related fixup quirks early (git-fixes).\n- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).\n- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).\n- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (git-fixes).\n- PCI: aardvark: Configure PCIe resources from \u0027ranges\u0027 DT property (git-fixes).\n- PCI: aardvark: Fix PCIe Max Payload Size setting (git-fixes).\n- PCI: aardvark: Fix checking for PIO status (git-fixes).\n- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).\n- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).\n- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).\n- RDMA/bnxt_re: Restrict the max_gids to 256 (git-fixes)\n- RDMA/cma: Do not change route.addr.src_addr.ss_family (git-fixes)\n- RDMA/cma: Fix rdma_resolve_route() memory leak (git-fixes)\n- RDMA/core: Do not access cm_id after its destruction (git-fixes)\n- RDMA/cxgb4: Fix missing error code in create_qp() (git-fixes)\n- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)\n- RDMA/hns: Bugfix for querying qkey (git-fixes)\n- RDMA/i40iw: Fix potential use after free (git-fixes)\n- RDMA/iw_cgxb4: Fix an error handling path in \u0027c4iw_connect()\u0027 (git-fixes)\n- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (git-fixes)\n- RDMA/mlx5: Block delay drop to unprivileged users (git-fixes)\n- RDMA/rxe: Fix error type of mmap_offset (git-fixes)\n- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)\n- RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer (git-fixes)\n- RDMA/usnic: fix set-but-not-unused variable \u0027flags\u0027 warning (git-fixes)\n- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)\n- RDS: IB: Fix null pointer issue (git-fixes).\n- USB: core: Add routines for endpoint checks in old drivers (git-fixes).\n- USB: sisusbvga: Add endpoint checks (git-fixes).\n- Update patch reference for libata fix (bsc#1118212).\n- adm8211: fix error return code in adm8211_probe() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (bsc#1129770)\n- blacklist.conf: workqueue: Cosmetic change. Not worth backporting (bsc#1211275)\n- bonding: show full hw address in sysfs for slave entries (git-fixes).\n- ceph: force updating the msg pointer in non-split case (bsc#1211801).\n- cpuidle/powernv: avoid double irq enable coming out of idle (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: cpuidle set polling before enabling irqs (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: no memory barrier after break from idle (PED-3947 bsc#1210544 ltc#202303).\n- cpuidle: powerpc: read mostly for common globals (PED-3947 bsc#1210544 ltc#202303).\n- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).\n- f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).\n- fbcon: Check font dimension limits (bsc#1154048)\n- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (bsc#1154048)\n- fix kcm_clone() (git-fixes).\n- fotg210-udc: Add missing completion handler (git-fixes).\n- ip6_tunnel: allow ip6gre dev mtu to be set below 1280 (git-fixes).\n- ip6_tunnel: fix IFLA_MTU ignored on NEWLINK (git-fixes).\n- ipoib: correcly show a VF hardware address (git-fixes)\n- ipv4: ipv4_default_advmss() should use route mtu (git-fixes).\n- ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT (git-fixes).\n- ipv6: icmp6: Allow icmp messages to be looped back (git-fixes).\n- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).\n- kcm: Check if sk_user_data already set in kcm_attach (git-fixes).\n- kernel-binary: install expoline.o (boo#1210791 bsc#1211089)\n- kernel-source: Remove unused macro variant_symbols\n- kernel-spec-macros: Fix up obsolete_rebuilds_subpackage to generate obsoletes correctly (boo#1172073 bsc#1191731).\n- kvm: mmu: Do not read PDPTEs when paging is not enabled (git-fixes).\n- l2tp: remove configurable payload offset (git-fixes).\n- l2tp: remove l2specific_len dependency in l2tp_core (git-fixes).\n- libata: add horkage for ASMedia 1092 (git-fixes).\n- mac80211: choose first enabled channel for monitor (git-fixes).\n- mac80211: drop multicast fragments (git-fixes).\n- mac80211: fix fast-rx encryption check (git-fixes).\n- mac80211: pause TX while changing interface type (git-fixes).\n- media: radio-shark: Add endpoint checks (git-fixes).\n- mlx4: Use snprintf instead of complicated strcpy (git-fixes)\n- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).\n- net/iucv: Fix size of interrupt data (bsc#1211466).\n- net/mlx4_core: Fix return codes of unsupported operations (git-fixes).\n- net/tcp/illinois: replace broken algorithm reference link (git-fixes).\n- net: Extra \u0027_get\u0027 in declaration of arch_get_platform_mac_address (git-fixes).\n- net: altera_tse: fix connect_local_phy error path (git-fixes).\n- net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case (git-fixes).\n- net: amd: add missing of_node_put() (git-fixes).\n- net: arc_emac: fix arc_emac_rx() error paths (git-fixes).\n- net: broadcom: fix return type of ndo_start_xmit function (git-fixes).\n- net: davinci_emac: match the mdio device against its compatible if possible (git-fixes).\n- net: dsa: b53: Add BCM5389 support (git-fixes).\n- net: dsa: bcm_sf2: Turn on PHY to allow successful registration (git-fixes).\n- net: dsa: mt7530: fix module autoloading for OF platform drivers (git-fixes).\n- net: dsa: qca8k: Add support for QCA8334 switch (git-fixes).\n- net: emac: fix fixed-link setup for the RTL8363SB switch (git-fixes).\n- net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value (git-fixes).\n- net: faraday: fix return type of ndo_start_xmit function (git-fixes).\n- net: hisilicon: remove unexpected free_netdev (git-fixes).\n- net: hns3: fix return type of ndo_start_xmit function (git-fixes).\n- net: hns: Fix wrong read accesses via Clause 45 MDIO protocol (git-fixes).\n- net: ibm: fix possible object reference leak (git-fixes).\n- net: ipv6: send NS for DAD when link operationally up (git-fixes).\n- net: mediatek: setup proper state for disabled GMAC on the default (git-fixes).\n- net: micrel: fix return type of ndo_start_xmit function (git-fixes).\n- net: mvneta: fix enable of all initialized RXQs (git-fixes).\n- net: netxen: fix a missing check and an uninitialized use (git-fixes).\n- net: propagate dev_get_valid_name return code (git-fixes).\n- net: qca_spi: Fix log level if probe fails (git-fixes).\n- net: qcom/emac: Use proper free methods during TX (git-fixes).\n- net: qla3xxx: Remove overflowing shift statement (git-fixes).\n- net: smsc: fix return type of ndo_start_xmit function (git-fixes).\n- net: stmmac: do not log oversized frames (git-fixes).\n- net: stmmac: fix dropping of multi-descriptor RX frames (git-fixes).\n- net: sun: fix return type of ndo_start_xmit function (git-fixes).\n- net: toshiba: fix return type of ndo_start_xmit function (git-fixes).\n- net: xfrm: allow clearing socket xfrm policies (git-fixes).\n- net: xilinx: fix return type of ndo_start_xmit function (git-fixes).\n- netfilter: ebtables: convert BUG_ONs to WARN_ONs (git-fixes).\n- netfilter: ipt_CLUSTERIP: put config instead of freeing it (git-fixes).\n- netfilter: ipt_CLUSTERIP: put config struct if we can\u0027t increment ct refcount (git-fixes).\n- nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (git-fixes).\n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-fixes).\n- nvme-pci: unquiesce admin queue on shutdown (git-fixes).\n- nvme-pci: use the same attributes when freeing host_mem_desc_bufs (git-fixes).\n- nvme: Fix u32 overflow in the number of namespace list calculation (git-fixes).\n- nvme: free sq/cq dbbuf pointers when dbbuf set fails (git-fixes).\n- nvme: refine the Qemu Identify CNS quirk (git-fixes).\n- nvme: remove the ifdef around nvme_nvm_ioctl (git-fixes).\n- platform/x86: alienware-wmi: Adjust instance of wmi_evaluate_method calls to 0 (git-fixes).\n- platform/x86: alienware-wmi: constify attribute_group structures (git-fixes).\n- platform/x86: alienware-wmi: fix format string overflow warning (git-fixes).\n- platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer (git-fixes).\n- platform/x86: dell-laptop: fix rfkill functionality.\n- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- powerpc/idle: Store PURR snapshot in a per-cpu global variable (PED-3947 bsc#1210544 ltc#202303).\n- powerpc/pseries: Account for SPURR ticks on idle CPUs (PED-3947 bsc#1210544 ltc#202303).\n- powerpc/rtas: use memmove for potentially overlapping buffer copy (bsc#1065729).\n- powerpc/sysfs: Show idle_purr and idle_spurr for every CPU (PED-3947 bsc#1210544 ltc#202303).\n- powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).\n- powerpc: Move idle_loop_prolog()/epilog() functions to header file (PED-3947 bsc#1210544 ltc#202303).\n- powerpc: Squash lines for simple wrapper functions (bsc#1065729).\n- rds; Reset rs-\u003ers_bound_addr in rds_add_bound() failure path (git-fixes).\n- ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus (git-fixes).\n- ring-buffer: Sync IRQ works before buffer destruction (git-fixes).\n- rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB\n- rpm/kernel-binary.spec.in: Fix missing kernel-preempt-devel and KMP Provides (bsc#1199046)\n- rxe: IB_WR_REG_MR does not capture MR\u0027s iova field (git-fixes)\n- s390/dasd: correct numa_node in dasd_alloc_queue (git-fixes bsc#1211362).\n- s390/extmem: fix gcc 8 stringop-overflow warning (git-fixes bsc#1211363).\n- s390/kasan: fix early pgm check handler execution (git-fixes bsc#1211360).\n- s390/pci: fix sleeping in atomic during hotplug (git-fixes bsc#1211364).\n- s390/scm_blk: correct numa_node in scm_blk_dev_setup (git-fixes bsc#1211365).\n- s390/sysinfo: add missing #ifdef CONFIG_PROC_FS (git-fixes bsc#1211366).\n- s390/uaccess: add missing earlyclobber annotations to __clear_user() (LTC#202116 bsc#1209857 git-fixes).\n- s390: ctcm: fix ctcm_new_device error return code (git-fixes bsc#1211361).\n- scsi: qla2xxx: Declare SCSI host template const (bsc#1211960).\n- scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting() (bsc#1211960).\n- scsi: qla2xxx: Fix hang in task management (bsc#1211960).\n- scsi: qla2xxx: Fix hang in task management (bsc#1211960).\n- scsi: qla2xxx: Fix mem access after free (bsc#1211960).\n- scsi: qla2xxx: Fix mem access after free (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).\n- scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).\n- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).\n- scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).\n- scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).\n- scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).\n- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).\n- scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (bsc#1211960).\n- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).\n- scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).\n- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).\n- scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).\n- scsi: storvsc: Parameterize number hardware queues (bsc#1211622).\n- sctp: avoid flushing unsent queue when doing asoc reset (git-fixes).\n- sctp: fix erroneous inc of snmp SctpFragUsrMsgs (git-fixes).\n- sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege (git-fixes).\n- sctp: make use of pre-calculated len (git-fixes).\n- seccomp: Set PF_SUPERPRIV when checking capability (git-fixes bsc#1211816).\n- sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe (git-fixes).\n- sit: fix IFLA_MTU ignored on NEWLINK (git-fixes).\n- stmmac: fix valid numbers of unicast filter entries (git-fixes).\n- sunvnet: does not support GSO for sctp (git-fixes).\n- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (git-fixes).\n- usb: early: xhci-dbc: Fix a potential out-of-bound memory access (git-fixes).\n- usrmerge: Compatibility with earlier rpm (boo#1211796)\n- usrmerge: Remove usrmerge compatibility symlink in buildroot (boo#1211796).\n- vrf: mark skb for multicast or link-local as enslaved to VRF (git-fixes).\n- wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two\u0027s complement (git-fixes).\n- wcn36xx: Add ieee80211 rx status rate information (git-fixes).\n- wcn36xx: Channel list update before hardware scan (git-fixes).\n- wcn36xx: Disable bmps when encryption is disabled (git-fixes).\n- wcn36xx: Ensure finish scan is not requested before start scan (git-fixes).\n- wcn36xx: Fix TX data path (git-fixes).\n- wcn36xx: Fix multiple AMPDU sessions support (git-fixes).\n- wcn36xx: Fix software-driven scan (git-fix).\n- wcn36xx: Fix warning due to bad rate_idx (git-fixes).\n- wcn36xx: Increase number of TX retries (git-fixes).\n- wcn36xx: Specify ieee80211_rx_status.nss (git-fixes).\n- wcn36xx: Use kmemdup instead of duplicating it in wcn36xx_smd_process_ptt_msg_rsp (git-fixes).\n- wcn36xx: Use sequence number allocated by mac80211 (git-fixes).\n- wcn36xx: disable HW_CONNECTION_MONITOR (git-fixes).\n- wcn36xx: ensure pairing of init_scan/finish_scan and start_scan/end_scan (git-fixes).\n- wcn36xx: fix spelling mistake \u0027to\u0027 -\u003e \u0027too\u0027 (git-fixes).\n- wcn36xx: fix typo (git-fixes).\n- wcn36xx: remove unecessary return (git-fixes).\n- wcn36xx: use dma_zalloc_coherent instead of allocator/memset (git-fixes).\n- workqueue: Fix hung time report of worker pools (bsc#1211044).\n- workqueue: Interrupted create_worker() is not a repeated event (bsc#1211044).\n- workqueue: Print backtraces from CPUs with hung CPU bound workqueues (bsc#1211044).\n- workqueue: Warn when a new worker could not be created (bsc#1211044).\n- workqueue: Warn when a rescuer could not be created (bsc#1211044).\n- x86/kvm/vmx: fix old-style function declaration (git-fixes).\n- x86/kvm: Do not call kvm_spurious_fault() from .fixup (git-fixes).\n- x86: kvm: avoid constant-conversion warning (git-fixes).\n- xen/netback: do not do grant copy across page boundary (git-fixes).\n- xen/netback: use same error messages for same errors (git-fixes).\n- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2507,SUSE-SLE-SERVER-12-SP5-2023-2507",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2507-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2507-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232507-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2507-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-June/029874.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1118212",
"url": "https://bugzilla.suse.com/1118212"
},
{
"category": "self",
"summary": "SUSE Bug 1129770",
"url": "https://bugzilla.suse.com/1129770"
},
{
"category": "self",
"summary": "SUSE Bug 1154048",
"url": "https://bugzilla.suse.com/1154048"
},
{
"category": "self",
"summary": "SUSE Bug 1172073",
"url": "https://bugzilla.suse.com/1172073"
},
{
"category": "self",
"summary": "SUSE Bug 1191731",
"url": "https://bugzilla.suse.com/1191731"
},
{
"category": "self",
"summary": "SUSE Bug 1199046",
"url": "https://bugzilla.suse.com/1199046"
},
{
"category": "self",
"summary": "SUSE Bug 1204405",
"url": "https://bugzilla.suse.com/1204405"
},
{
"category": "self",
"summary": "SUSE Bug 1205756",
"url": "https://bugzilla.suse.com/1205756"
},
{
"category": "self",
"summary": "SUSE Bug 1205758",
"url": "https://bugzilla.suse.com/1205758"
},
{
"category": "self",
"summary": "SUSE Bug 1205760",
"url": "https://bugzilla.suse.com/1205760"
},
{
"category": "self",
"summary": "SUSE Bug 1205762",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "self",
"summary": "SUSE Bug 1205803",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1209287",
"url": "https://bugzilla.suse.com/1209287"
},
{
"category": "self",
"summary": "SUSE Bug 1209366",
"url": "https://bugzilla.suse.com/1209366"
},
{
"category": "self",
"summary": "SUSE Bug 1209857",
"url": "https://bugzilla.suse.com/1209857"
},
{
"category": "self",
"summary": "SUSE Bug 1210544",
"url": "https://bugzilla.suse.com/1210544"
},
{
"category": "self",
"summary": "SUSE Bug 1210629",
"url": "https://bugzilla.suse.com/1210629"
},
{
"category": "self",
"summary": "SUSE Bug 1210715",
"url": "https://bugzilla.suse.com/1210715"
},
{
"category": "self",
"summary": "SUSE Bug 1210783",
"url": "https://bugzilla.suse.com/1210783"
},
{
"category": "self",
"summary": "SUSE Bug 1210791",
"url": "https://bugzilla.suse.com/1210791"
},
{
"category": "self",
"summary": "SUSE Bug 1210806",
"url": "https://bugzilla.suse.com/1210806"
},
{
"category": "self",
"summary": "SUSE Bug 1210940",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "self",
"summary": "SUSE Bug 1211044",
"url": "https://bugzilla.suse.com/1211044"
},
{
"category": "self",
"summary": "SUSE Bug 1211089",
"url": "https://bugzilla.suse.com/1211089"
},
{
"category": "self",
"summary": "SUSE Bug 1211105",
"url": "https://bugzilla.suse.com/1211105"
},
{
"category": "self",
"summary": "SUSE Bug 1211186",
"url": "https://bugzilla.suse.com/1211186"
},
{
"category": "self",
"summary": "SUSE Bug 1211275",
"url": "https://bugzilla.suse.com/1211275"
},
{
"category": "self",
"summary": "SUSE Bug 1211360",
"url": "https://bugzilla.suse.com/1211360"
},
{
"category": "self",
"summary": "SUSE Bug 1211361",
"url": "https://bugzilla.suse.com/1211361"
},
{
"category": "self",
"summary": "SUSE Bug 1211362",
"url": "https://bugzilla.suse.com/1211362"
},
{
"category": "self",
"summary": "SUSE Bug 1211363",
"url": "https://bugzilla.suse.com/1211363"
},
{
"category": "self",
"summary": "SUSE Bug 1211364",
"url": "https://bugzilla.suse.com/1211364"
},
{
"category": "self",
"summary": "SUSE Bug 1211365",
"url": "https://bugzilla.suse.com/1211365"
},
{
"category": "self",
"summary": "SUSE Bug 1211366",
"url": "https://bugzilla.suse.com/1211366"
},
{
"category": "self",
"summary": "SUSE Bug 1211466",
"url": "https://bugzilla.suse.com/1211466"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1211622",
"url": "https://bugzilla.suse.com/1211622"
},
{
"category": "self",
"summary": "SUSE Bug 1211796",
"url": "https://bugzilla.suse.com/1211796"
},
{
"category": "self",
"summary": "SUSE Bug 1211801",
"url": "https://bugzilla.suse.com/1211801"
},
{
"category": "self",
"summary": "SUSE Bug 1211816",
"url": "https://bugzilla.suse.com/1211816"
},
{
"category": "self",
"summary": "SUSE Bug 1211960",
"url": "https://bugzilla.suse.com/1211960"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3566 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45884 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45885 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45887 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-45919 page",
"url": "https://www.suse.com/security/cve/CVE-2022-45919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2176 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2194 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2513 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28466 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31084 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31436 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32269 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32269/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-06-14T07:24:56Z",
"generator": {
"date": "2023-06-14T07:24:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2507-1",
"initial_release_date": "2023-06-14T07:24:56Z",
"revision_history": [
{
"date": "2023-06-14T07:24:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.136.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.136.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.136.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.136.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.136.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.136.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.136.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.136.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.136.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.136.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.136.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.136.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.136.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.136.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.136.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.136.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.136.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.136.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.136.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.136.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.136.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.136.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.136.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.136.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.136.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.136.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.136.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.136.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.136.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.136.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3566"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3566",
"url": "https://www.suse.com/security/cve/CVE-2022-3566"
},
{
"category": "external",
"summary": "SUSE Bug 1204405 for CVE-2022-3566",
"url": "https://bugzilla.suse.com/1204405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-3566"
},
{
"cve": "CVE-2022-45884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45884"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45884",
"url": "https://www.suse.com/security/cve/CVE-2022-45884"
},
{
"category": "external",
"summary": "SUSE Bug 1205756 for CVE-2022-45884",
"url": "https://bugzilla.suse.com/1205756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-45884"
},
{
"cve": "CVE-2022-45885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45885"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45885",
"url": "https://www.suse.com/security/cve/CVE-2022-45885"
},
{
"category": "external",
"summary": "SUSE Bug 1205758 for CVE-2022-45885",
"url": "https://bugzilla.suse.com/1205758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-45885"
},
{
"cve": "CVE-2022-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45886"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45886",
"url": "https://www.suse.com/security/cve/CVE-2022-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1205760 for CVE-2022-45886",
"url": "https://bugzilla.suse.com/1205760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45887"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45887",
"url": "https://www.suse.com/security/cve/CVE-2022-45887"
},
{
"category": "external",
"summary": "SUSE Bug 1205762 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1205762"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2022-45887",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-45919"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-45919",
"url": "https://www.suse.com/security/cve/CVE-2022-45919"
},
{
"category": "external",
"summary": "SUSE Bug 1205803 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1205803"
},
{
"category": "external",
"summary": "SUSE Bug 1208600 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208600"
},
{
"category": "external",
"summary": "SUSE Bug 1208912 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1208912"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2022-45919",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "important"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2023-1380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1380"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info-\u003ereq_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1380",
"url": "https://www.suse.com/security/cve/CVE-2023-1380"
},
{
"category": "external",
"summary": "SUSE Bug 1209287 for CVE-2023-1380",
"url": "https://bugzilla.suse.com/1209287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-2176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2176"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2176",
"url": "https://www.suse.com/security/cve/CVE-2023-2176"
},
{
"category": "external",
"summary": "SUSE Bug 1210629 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1210629"
},
{
"category": "external",
"summary": "SUSE Bug 1210630 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1210630"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-2176",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "important"
}
],
"title": "CVE-2023-2176"
},
{
"cve": "CVE-2023-2194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2194"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability was found in the Linux kernel\u0027s SLIMpro I2C device driver. The userspace \"data-\u003eblock[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2194",
"url": "https://www.suse.com/security/cve/CVE-2023-2194"
},
{
"category": "external",
"summary": "SUSE Bug 1210715 for CVE-2023-2194",
"url": "https://bugzilla.suse.com/1210715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-2269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2269"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2269",
"url": "https://www.suse.com/security/cve/CVE-2023-2269"
},
{
"category": "external",
"summary": "SUSE Bug 1210806 for CVE-2023-2269",
"url": "https://bugzilla.suse.com/1210806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-2513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2513"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2513",
"url": "https://www.suse.com/security/cve/CVE-2023-2513"
},
{
"category": "external",
"summary": "SUSE Bug 1211105 for CVE-2023-2513",
"url": "https://bugzilla.suse.com/1211105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-2513"
},
{
"cve": "CVE-2023-28466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28466"
}
],
"notes": [
{
"category": "general",
"text": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28466",
"url": "https://www.suse.com/security/cve/CVE-2023-28466"
},
{
"category": "external",
"summary": "SUSE Bug 1209366 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1209366"
},
{
"category": "external",
"summary": "SUSE Bug 1210452 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1210452"
},
{
"category": "external",
"summary": "SUSE Bug 1211833 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1211833"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-28466",
"url": "https://bugzilla.suse.com/1213841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "important"
}
],
"title": "CVE-2023-28466"
},
{
"cve": "CVE-2023-31084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31084"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026fepriv-\u003esem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026fepriv-\u003esem) may block the process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31084",
"url": "https://www.suse.com/security/cve/CVE-2023-31084"
},
{
"category": "external",
"summary": "SUSE Bug 1210783 for CVE-2023-31084",
"url": "https://bugzilla.suse.com/1210783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-31084"
},
{
"cve": "CVE-2023-31436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31436"
}
],
"notes": [
{
"category": "general",
"text": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31436",
"url": "https://www.suse.com/security/cve/CVE-2023-31436"
},
{
"category": "external",
"summary": "SUSE Bug 1210940 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1210940"
},
{
"category": "external",
"summary": "SUSE Bug 1211260 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1211260"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1223091 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1223091"
},
{
"category": "external",
"summary": "SUSE Bug 1224419 for CVE-2023-31436",
"url": "https://bugzilla.suse.com/1224419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "important"
}
],
"title": "CVE-2023-31436"
},
{
"cve": "CVE-2023-32269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32269"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32269",
"url": "https://www.suse.com/security/cve/CVE-2023-32269"
},
{
"category": "external",
"summary": "SUSE Bug 1211186 for CVE-2023-32269",
"url": "https://bugzilla.suse.com/1211186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.136.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.136.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.136.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-06-14T07:24:56Z",
"details": "moderate"
}
],
"title": "CVE-2023-32269"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…