SUSE-SU-2023:1895-1
Vulnerability from csaf_suse - Published: 2023-04-18 09:39 - Updated: 2023-04-18 09:39Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).
The following non-security bugs were fixed:
- alarmtimer: Prevent starvation by small intervals and SIG_IGN (git-fixes)
- ALSA: asihpi: check pao in control_message() (git-fixes).
- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo X370SNW (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds (git-fixes).
- can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events (git-fixes).
- can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access (git-fixes).
- cifs: double lock in cifs_reconnect_tcon() (git-fixes).
- clocksource/drivers/mediatek: Optimize systimer irq clear flow on shutdown (git-fixes).
- drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub (git-fixes).
- drm/etnaviv: fix reference leak when mmaping imported buffer (git-fixes).
- drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path (git-fixes).
- dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs (git-fixes).
- fbdev: au1200fb: Fix potential divide by zero (git-fixes).
- fbdev: intelfb: Fix potential divide by zero (git-fixes).
- fbdev: lxfb: Fix potential divide by zero (git-fixes).
- fbdev: nvidia: Fix potential divide by zero (git-fixes).
- fbdev: tgafb: Fix potential divide by zero (git-fixes).
- ftrace: Fix issue that 'direct->addr' not restored in modify_ftrace_direct() (git-fixes).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- gpio: davinci: Add irq chip flag to skip set wake (git-fixes).
- gpio: GPIO_REGMAP: select REGMAP instead of depending on it (git-fixes).
- iio: adc: ad7791: fix IRQ flags (git-fixes).
- iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip (git-fixes).
- iio: adis16480: select CONFIG_CRC32 (git-fixes).
- iio: dac: cio-dac: Fix max DAC write value check for 12-bit (git-fixes).
- iio: light: cm32181: Unregister second I2C client if present (git-fixes).
- Input: focaltech - use explicitly signed char type (git-fixes).
- Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table (git-fixes).
- kABI workaround for xhci (git-fixes).
- mm: mmap: remove newline at the end of the trace (git-fixes).
- mtd: rawnand: meson: fix bitmask for length in command word (git-fixes).
- mtd: rawnand: stm32_fmc2: remove unsupported EDO mode (git-fixes).
- mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min (git-fixes).
- mtdblock: tolerate corrected bit-flips (git-fixes).
- nilfs2: fix sysfs interface lifetime (git-fixes).
- platform/x86: think-lmi: Clean up display of current_value on Thinkstation (git-fixes).
- platform/x86: think-lmi: Fix memory leak when showing current settings (git-fixes).
- platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings (git-fixes).
- pwm: cros-ec: Explicitly set .polarity in .get_state() (git-fixes).
- pwm: sprd: Explicitly set .polarity in .get_state() (git-fixes).
- rcu: Fix rcu_torture_read ftrace event (git-fixes).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- timers: Prevent union confusion from unexpected (git-fixes)
- tracing: Add trace_array_puts() to write into instance (git-fixes).
- tracing: Fix wrong return in kprobe_event_gen_test.c (git-fixes).
- tracing: Free error logs of tracing instances (git-fixes).
- tracing: Have tracing_snapshot_instance_cond() write errors to the appropriate instance (git-fixes).
- tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty (git-fixes).
- tty: serial: sh-sci: Fix Rx on RZ/G2L SCI (git-fixes).
- tty: serial: sh-sci: Fix transmit end interrupt handler (git-fixes).
- usb: cdnsp: Fixes error: uninitialized symbol 'len' (git-fixes).
- usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).
- usb: ucsi: Fix ucsi->connector race (git-fixes).
- usb: xhci: tegra: fix sleep in atomic call (git-fixes).
- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (git-fixes).
- wireguard: ratelimiter: use hrtimer in selftest (git-fixes)
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: Free the command allocated for setting LPM if we return early (git-fixes).
Patchnames: SUSE-2023-1895,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-1895,openSUSE-SLE-15.4-2023-1895
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).\n\nThe following non-security bugs were fixed:\n\n- alarmtimer: Prevent starvation by small intervals and SIG_IGN (git-fixes)\n- ALSA: asihpi: check pao in control_message() (git-fixes).\n- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (git-fixes).\n- ALSA: hda/realtek: Add quirk for Clevo X370SNW (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds (git-fixes).\n- can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events (git-fixes).\n- can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access (git-fixes).\n- cifs: double lock in cifs_reconnect_tcon() (git-fixes).\n- clocksource/drivers/mediatek: Optimize systimer irq clear flow on shutdown (git-fixes).\n- drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub (git-fixes).\n- drm/etnaviv: fix reference leak when mmaping imported buffer (git-fixes).\n- drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path (git-fixes).\n- dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs (git-fixes).\n- fbdev: au1200fb: Fix potential divide by zero (git-fixes).\n- fbdev: intelfb: Fix potential divide by zero (git-fixes).\n- fbdev: lxfb: Fix potential divide by zero (git-fixes).\n- fbdev: nvidia: Fix potential divide by zero (git-fixes).\n- fbdev: tgafb: Fix potential divide by zero (git-fixes).\n- ftrace: Fix issue that \u0027direct-\u003eaddr\u0027 not restored in modify_ftrace_direct() (git-fixes).\n- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).\n- gpio: davinci: Add irq chip flag to skip set wake (git-fixes).\n- gpio: GPIO_REGMAP: select REGMAP instead of depending on it (git-fixes).\n- iio: adc: ad7791: fix IRQ flags (git-fixes).\n- iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip (git-fixes).\n- iio: adis16480: select CONFIG_CRC32 (git-fixes).\n- iio: dac: cio-dac: Fix max DAC write value check for 12-bit (git-fixes).\n- iio: light: cm32181: Unregister second I2C client if present (git-fixes).\n- Input: focaltech - use explicitly signed char type (git-fixes).\n- Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table (git-fixes).\n- kABI workaround for xhci (git-fixes).\n- mm: mmap: remove newline at the end of the trace (git-fixes).\n- mtd: rawnand: meson: fix bitmask for length in command word (git-fixes).\n- mtd: rawnand: stm32_fmc2: remove unsupported EDO mode (git-fixes).\n- mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min (git-fixes).\n- mtdblock: tolerate corrected bit-flips (git-fixes).\n- nilfs2: fix sysfs interface lifetime (git-fixes).\n- platform/x86: think-lmi: Clean up display of current_value on Thinkstation (git-fixes).\n- platform/x86: think-lmi: Fix memory leak when showing current settings (git-fixes).\n- platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings (git-fixes).\n- pwm: cros-ec: Explicitly set .polarity in .get_state() (git-fixes).\n- pwm: sprd: Explicitly set .polarity in .get_state() (git-fixes).\n- rcu: Fix rcu_torture_read ftrace event (git-fixes).\n- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).\n- timers: Prevent union confusion from unexpected (git-fixes)\n- tracing: Add trace_array_puts() to write into instance (git-fixes).\n- tracing: Fix wrong return in kprobe_event_gen_test.c (git-fixes).\n- tracing: Free error logs of tracing instances (git-fixes).\n- tracing: Have tracing_snapshot_instance_cond() write errors to the appropriate instance (git-fixes).\n- tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty (git-fixes).\n- tty: serial: sh-sci: Fix Rx on RZ/G2L SCI (git-fixes).\n- tty: serial: sh-sci: Fix transmit end interrupt handler (git-fixes).\n- usb: cdnsp: Fixes error: uninitialized symbol \u0027len\u0027 (git-fixes).\n- usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).\n- usb: ucsi: Fix ucsi-\u003econnector race (git-fixes).\n- usb: xhci: tegra: fix sleep in atomic call (git-fixes).\n- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (git-fixes).\n- wireguard: ratelimiter: use hrtimer in selftest (git-fixes)\n- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).\n- xhci: Free the command allocated for setting LPM if we return early (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1895,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-1895,openSUSE-SLE-15.4-2023-1895",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1895-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1895-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231895-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1895-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-April/028845.html"
},
{
"category": "self",
"summary": "SUSE Bug 1209687",
"url": "https://bugzilla.suse.com/1209687"
},
{
"category": "self",
"summary": "SUSE Bug 1210203",
"url": "https://bugzilla.suse.com/1210203"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1611 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1838/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-04-18T09:39:06Z",
"generator": {
"date": "2023-04-18T09:39:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1895-1",
"initial_release_date": "2023-04-18T09:39:06Z",
"revision_history": [
{
"date": "2023-04-18T09:39:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-azure-extra-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-azure-optional-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"product_id": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"product": {
"name": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"product_id": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"product": {
"name": "kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"product_id": "kernel-source-azure-5.14.21-150400.14.46.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-azure-extra-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-azure-optional-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150400.14.46.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150400.14.46.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150400.14.46.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150400.14.46.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1611"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1611",
"url": "https://www.suse.com/security/cve/CVE-2023-1611"
},
{
"category": "external",
"summary": "SUSE Bug 1209687 for CVE-2023-1611",
"url": "https://bugzilla.suse.com/1209687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-18T09:39:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-1611"
},
{
"cve": "CVE-2023-1838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1838"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1838",
"url": "https://www.suse.com/security/cve/CVE-2023-1838"
},
{
"category": "external",
"summary": "SUSE Bug 1210203 for CVE-2023-1838",
"url": "https://bugzilla.suse.com/1210203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.46.1.noarch",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.46.1.x86_64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.aarch64",
"openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-18T09:39:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-1838"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…